<!DOCTYPE html>












  


<html class="theme-next mist use-motion" lang="zh-Hans">
<head><meta name="generator" content="Hexo 3.9.0">
  <meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#222">









  
  
    
  
  <link rel="stylesheet" media="all" href="https://cdnjs.cloudflare.com/ajax/libs/Han/3.3.0/han.min.css">




<meta http-equiv="Cache-Control" content="no-transform">
<meta http-equiv="Cache-Control" content="no-siteapp">



















  
  
  
  

  
    
    
  

  

  

  

  

  
    
    
    <link href="//fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext" rel="stylesheet" type="text/css">
  






  

<link href="https://cdn.bootcss.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" type="text/css">

<link href="/css/main.css?v=6.3.0" rel="stylesheet" type="text/css">


  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png?v=6.3.0">


  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next.png?v=6.3.0">


  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next.png?v=6.3.0">


  <link rel="mask-icon" href="/images/logo.svg?v=6.3.0" color="#222">









<script type="text/javascript" id="hexo.configurations">
  var NexT = window.NexT || {};
  var CONFIG = {
    root: '/',
    scheme: 'Mist',
    version: '6.3.0',
    sidebar: {"position":"left","display":"hide","offset":12,"b2t":false,"scrollpercent":false,"onmobile":false},
    fancybox: false,
    fastclick: false,
    lazyload: false,
    tabs: true,
    motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
    algolia: {
      applicationID: '',
      apiKey: '',
      indexName: '',
      hits: {"per_page":10},
      labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
    }
  };
</script>


  




  <meta name="description" content="文件/目录ls 文件列表123456789# -1 :每个文件展示一行  -l :展示全部信息(权限, 时间等, 首字母为文件类型: -:普通文件 d:文件夹 s:socket文件 l:链接文件)  ls -t    # 按更新时间排序, 最新的在前ls -tr    # 按更新时间排序, 最旧的在前, -r:倒序ls -h    # 使用可读单位(K, M, G)显示文件大小ls -d /roo">
<meta name="keywords" content="linux,命令">
<meta property="og:type" content="article">
<meta property="og:title" content="Linux常用命令">
<meta property="og:url" content="http://codertang.com/2018/03/08/linux-commands/index.html">
<meta property="og:site_name" content="Tonny&#39;s Blog">
<meta property="og:description" content="文件/目录ls 文件列表123456789# -1 :每个文件展示一行  -l :展示全部信息(权限, 时间等, 首字母为文件类型: -:普通文件 d:文件夹 s:socket文件 l:链接文件)  ls -t    # 按更新时间排序, 最新的在前ls -tr    # 按更新时间排序, 最旧的在前, -r:倒序ls -h    # 使用可读单位(K, M, G)显示文件大小ls -d /roo">
<meta property="og:locale" content="zh-Hans">
<meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/3/37/Netfilter-packet-flow.svg/2880px-Netfilter-packet-flow.svg.png">
<meta property="og:image" content="https://tonnyblog.oss-cn-beijing.aliyuncs.com/img/20210806174355.jpeg">
<meta property="og:updated_time" content="2021-12-03T02:14:48.858Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="Linux常用命令">
<meta name="twitter:description" content="文件/目录ls 文件列表123456789# -1 :每个文件展示一行  -l :展示全部信息(权限, 时间等, 首字母为文件类型: -:普通文件 d:文件夹 s:socket文件 l:链接文件)  ls -t    # 按更新时间排序, 最新的在前ls -tr    # 按更新时间排序, 最旧的在前, -r:倒序ls -h    # 使用可读单位(K, M, G)显示文件大小ls -d /roo">
<meta name="twitter:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/3/37/Netfilter-packet-flow.svg/2880px-Netfilter-packet-flow.svg.png">






  <link rel="canonical" href="http://codertang.com/2018/03/08/linux-commands/">



<script type="text/javascript" id="page.configurations">
  CONFIG.page = {
    sidebar: "",
  };
</script>

  <title>Linux常用命令 | Tonny's Blog</title>
  









  <noscript>
  <style type="text/css">
    .use-motion .motion-element,
    .use-motion .brand,
    .use-motion .menu-item,
    .sidebar-inner,
    .use-motion .post-block,
    .use-motion .pagination,
    .use-motion .comments,
    .use-motion .post-header,
    .use-motion .post-body,
    .use-motion .collection-title { opacity: initial; }

    .use-motion .logo,
    .use-motion .site-title,
    .use-motion .site-subtitle {
      opacity: initial;
      top: initial;
    }

    .use-motion {
      .logo-line-before i { left: initial; }
      .logo-line-after i { right: initial; }
    }
  </style>
</noscript>

</head>

<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">

  
  
    
  

  <div class="container sidebar-position-left page-post-detail">
    <div class="headband"></div>

    <header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"><div class="site-brand-wrapper">
  <div class="site-meta ">
    

    <div class="custom-logo-site-title">
      <a href="/" class="brand" rel="start">
        <span class="logo-line-before"><i></i></span>
        <span class="site-title">Tonny's Blog</span>
        <span class="logo-line-after"><i></i></span>
      </a>
    </div>
    
      
        <p class="site-subtitle">莫等闲, 白了少年头, 空悲切</p>
      
    
  </div>

  <div class="site-nav-toggle">
    <button aria-label="切换导航栏">
      <span class="btn-bar"></span>
      <span class="btn-bar"></span>
      <span class="btn-bar"></span>
    </button>
  </div>
</div>



<nav class="site-nav">
  
    <ul id="menu" class="menu">
      
        
        
        
          
          <li class="menu-item menu-item-home">
    <a href="/" rel="section">
      <i class="menu-item-icon fa fa-fw fa-home"></i> <br>首页</a>
  </li>
        
        
        
          
          <li class="menu-item menu-item-tags">
    <a href="/tags/" rel="section">
      <i class="menu-item-icon fa fa-fw fa-tags"></i> <br>标签</a>
  </li>
        
        
        
          
          <li class="menu-item menu-item-categories">
    <a href="/categories/" rel="section">
      <i class="menu-item-icon fa fa-fw fa-th"></i> <br>分类</a>
  </li>
        
        
        
          
          <li class="menu-item menu-item-archives">
    <a href="/archives/" rel="section">
      <i class="menu-item-icon fa fa-fw fa-archive"></i> <br>归档</a>
  </li>

      
      
    </ul>
  

  
    

  

  
</nav>



  



</div>
    </header>

    


    <main id="main" class="main">
      <div class="main-inner">
        <div class="content-wrap">
          
          <div id="content" class="content">
            

  <div id="posts" class="posts-expand">
    

  

  
  
  

  

  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
  
  
  
  <div class="post-block">
    <link itemprop="mainEntityOfPage" href="http://codertang.com/2018/03/08/linux-commands/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="name" content="Tonny Yi">
      <meta itemprop="description" content="Coding, Life, Zen">
      <meta itemprop="image" content="/images/avatar.png">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="Tonny's Blog">
    </span>

    
      <header class="post-header">

        
        
          <h1 class="post-title" itemprop="name headline">Linux常用命令
              
            
          </h1>
        

        <div class="post-meta">
          <span class="post-time">

            
            
            

            
              <span class="post-meta-item-icon">
                <i class="fa fa-calendar-o"></i>
              </span>
              
                <span class="post-meta-item-text">发表于</span>
              

              
                
              

              <time title="创建时间：2018-03-08 15:09:41" itemprop="dateCreated datePublished" datetime="2018-03-08T15:09:41+08:00">2018-03-08</time>
            

            
              

              
                
                <span class="post-meta-divider">|</span>
                

                <span class="post-meta-item-icon">
                  <i class="fa fa-calendar-check-o"></i>
                </span>
                
                  <span class="post-meta-item-text">更新于</span>
                
                <time title="修改时间：2021-12-03 10:14:48" itemprop="dateModified" datetime="2021-12-03T10:14:48+08:00">2021-12-03</time>
              
            
          </span>

          
            <span class="post-category">
            
              <span class="post-meta-divider">|</span>
            
              <span class="post-meta-item-icon">
                <i class="fa fa-folder-o"></i>
              </span>
              
                <span class="post-meta-item-text">分类于</span>
              
              
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing"><a href="/categories/linux/" itemprop="url" rel="index"><span itemprop="name">linux</span></a></span>

                
                
                  ，
                
              
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing"><a href="/categories/linux/command/" itemprop="url" rel="index"><span itemprop="name">command</span></a></span>

                
                
              
            </span>
          

          
            
          

          
          

          

          

          

        </div>
      </header>
    

    
    
    
    <div class="post-body han-init-context" itemprop="articleBody">

      
      

      
        <h2 id="文件-目录"><a href="#文件-目录" class="headerlink" title="文件/目录"></a>文件/目录</h2><h3 id="ls-文件列表"><a href="#ls-文件列表" class="headerlink" title="ls 文件列表"></a>ls 文件列表</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># -1 :每个文件展示一行  -l :展示全部信息(权限, 时间等, 首字母为文件类型: -:普通文件 d:文件夹 s:socket文件 l:链接文件)  </span></span><br><span class="line">ls -t    <span class="comment"># 按更新时间排序, 最新的在前</span></span><br><span class="line">ls -tr    <span class="comment"># 按更新时间排序, 最旧的在前, -r:倒序</span></span><br><span class="line">ls -h    <span class="comment"># 使用可读单位(K, M, G)显示文件大小</span></span><br><span class="line">ls -d /root/*/	<span class="comment"># 显示目录</span></span><br><span class="line">ls -d */		<span class="comment"># 显示当前目录的子目录</span></span><br><span class="line">ls -a    <span class="comment"># 显示所有文件, 包括 . 和 ..</span></span><br><span class="line">ls -A    <span class="comment"># 显示所有文件, 不包括 . 和 ..</span></span><br><span class="line">ls -R    <span class="comment"># 递归展示所有文件, 及子目录内所有文件</span></span><br></pre></td></tr></table></figure>
<a id="more"></a>
<h3 id="mkdir-建目录"><a href="#mkdir-建目录" class="headerlink" title="mkdir 建目录"></a>mkdir 建目录</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">mkdir dir   <span class="comment"># 创建目录</span></span><br><span class="line">mkdir -p path/to/dir       <span class="comment"># 递归创建多个目录</span></span><br><span class="line">mkdir -m 777 dir    <span class="comment"># 创建权限为777的目录</span></span><br><span class="line">mkdir -p dir, dir2, path/to/dir3    <span class="comment"># 创建多个目录</span></span><br></pre></td></tr></table></figure>
<h3 id="rm-删除"><a href="#rm-删除" class="headerlink" title="rm  删除"></a>rm  删除</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">rm file      <span class="comment"># 删除前需要确认</span></span><br><span class="line">rm -f file    <span class="comment"># 强行删除, 系统不再提示</span></span><br><span class="line">rm -i file*     <span class="comment"># 删除多个文件, 逐个确认</span></span><br><span class="line">rm -r dir      <span class="comment"># 递归删除文件夹下所有文件, 并删除该文件夹</span></span><br><span class="line">rm -rf dir     <span class="comment"># 毁天灭地</span></span><br></pre></td></tr></table></figure>
<h3 id="cp-复制"><a href="#cp-复制" class="headerlink" title="cp  复制"></a>cp  复制</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">cp file1 path/          <span class="comment"># 复制到目录, 保持文件名</span></span><br><span class="line">cp file1 path/file2     <span class="comment"># 复制并重命名</span></span><br><span class="line">cp -r path/dir1 path/to/dir2    <span class="comment"># 递归复制一个目录</span></span><br><span class="line">cp -i file1 file2    <span class="comment"># 重命名文件为file2, 如果file2已存在则提示是否覆盖</span></span><br><span class="line">cp -a dir1 dir2     <span class="comment"># 如果dir2已存在, 则将dir1复制到dir2目录里, 否则dir1并重命名为dir2</span></span><br><span class="line">cp -b file1 file2    <span class="comment"># file2已存在时, 会先备份, 再复制</span></span><br></pre></td></tr></table></figure>
<h3 id="mv-移动"><a href="#mv-移动" class="headerlink" title="mv 移动"></a>mv 移动</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">mv -i file1 file2   <span class="comment"># 如果file2已存在则提示</span></span><br><span class="line">mv -f file1 file2   <span class="comment"># 如果file2已存在直接覆盖, 不提示</span></span><br><span class="line">mv -b file1 file2   <span class="comment"># 如果file2已存在, 则覆盖, 但会先备份</span></span><br><span class="line">mv file1 file2 dir  <span class="comment"># 移动多个文件到dir</span></span><br></pre></td></tr></table></figure>
<h3 id="chmod-改权限"><a href="#chmod-改权限" class="headerlink" title="chmod  改权限"></a>chmod  改权限</h3><p><code>ls -al</code>输出类似<code>-rw-r--r-- 1 root root 302108 11-13 06:03 xx.log</code>的内容. 分三部分: 文件所属人的权限<code>u</code>, 文件所属组的权限<code>g</code>, 其他用户的权限<code>o</code>.</p>
<p>权限范围:</p>
<ul>
<li><strong>u</strong> : 目录或文件的当前用户</li>
<li><strong>g</strong> : 目录或文件的当前群组</li>
<li><strong>o</strong> : 除了目录或文件的当前用户和群组之外的用户或者群组</li>
<li><strong>a</strong> : 所有的用户及群组</li>
</ul>
<p>权限代号:</p>
<ul>
<li><strong>r</strong> : 读权限, 用数字4表示</li>
<li><strong>w</strong> : 写权限, 用数字2表示</li>
<li><strong>x</strong> : 执行权限, 用数字1表示</li>
<li><strong>-</strong> : 删除权限, 用数字0表示</li>
<li><strong>s</strong> : 特殊权限</li>
</ul>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">chmod a+x file      <span class="comment"># 写法1, 所有人加执行权限</span></span><br><span class="line">chmod ug+x,o-x file     <span class="comment"># 所有人及所在组加执行权限, 其他去除执行权限</span></span><br><span class="line">chmod o=r file          <span class="comment"># 其他用户只有读取权限</span></span><br><span class="line">chmod u=rwx,g=rx,o=x file   <span class="comment"># 指定每个范围的权限</span></span><br><span class="line">chmod 755 file      <span class="comment"># 写法2</span></span><br><span class="line">chmod -R u+x dir    <span class="comment"># 递归修改</span></span><br><span class="line">chmod =r file   <span class="comment"># 为所有用户分配权限</span></span><br></pre></td></tr></table></figure>
<h3 id="chown-改所属"><a href="#chown-改所属" class="headerlink" title="chown  改所属"></a>chown  改所属</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">chown root file     <span class="comment"># 修改文件所属人</span></span><br><span class="line">chown redis:redis file      <span class="comment"># 修改文件所属人及组</span></span><br><span class="line">chown root: file    <span class="comment"># 修改文件所属人为root, 组改为root所在组</span></span><br><span class="line">chown :mail file    <span class="comment"># 仅修改组</span></span><br><span class="line">chown -R root dir   <span class="comment"># 递归修改所属人</span></span><br></pre></td></tr></table></figure>
<h3 id="find-查找"><a href="#find-查找" class="headerlink" title="find  查找"></a>find  查找</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br></pre></td><td class="code"><pre><span class="line">find -name <span class="string">"Hello.java"</span>   <span class="comment"># 按名称在当前目录遍历查找</span></span><br><span class="line">find / -name <span class="string">"Hello.java"</span>    <span class="comment"># 遍历查找文件</span></span><br><span class="line">find / -iname <span class="string">"Hello.java"</span>   <span class="comment"># 不区分文件名大小写查找</span></span><br><span class="line">find . -regex <span class="string">"\./\w+\.log$"</span>   <span class="comment"># 正则查找</span></span><br><span class="line">find . -iregex <span class="string">"\./\w+\.log$"</span>   <span class="comment"># 不区分大小, 正则查找</span></span><br><span class="line">find / -maxdepth 2 -name <span class="string">"Hello.java"</span>  <span class="comment"># 限制遍历深度, 2: 当前目录算1级 + 一级子目录</span></span><br><span class="line">find / -mindepth 2 -maxdepth 4 -name <span class="string">"Hello.java"</span>  <span class="comment"># 限制遍历层级范围</span></span><br><span class="line">find -iname <span class="string">"Hello.java"</span> -<span class="built_in">exec</span> md5sum &#123;&#125; \;  <span class="comment"># 对查找到的文件执行命令, &#123;&#125;为文件名占位符</span></span><br><span class="line">find -not -iname <span class="string">"Hello.java"</span>  <span class="comment"># 查找名称不是"Hello.java"的文件</span></span><br><span class="line">find . -perm 755 -<span class="built_in">type</span> f -<span class="built_in">exec</span> ls -l &#123;&#125; \;   <span class="comment"># 按文件权限查找 type: b:块设备文件, d:目录 c:字符设备文件 p:管道文件 l:符号链接文件 f:普通文件 s:socket文件</span></span><br><span class="line">find . -empty   <span class="comment"># 查找空文件, 即文件大小为0</span></span><br><span class="line">find . -<span class="built_in">type</span> f -<span class="built_in">exec</span> ls -s &#123;&#125; \; | sort -n -r | head -5    <span class="comment"># 查找最大的前5个文件</span></span><br><span class="line">find . -not -empty -<span class="built_in">type</span> f -<span class="built_in">exec</span> ls -s &#123;&#125; \; | sort -n | head -5   <span class="comment"># 查找前5个最小的非空文件</span></span><br><span class="line">find -newer file1   <span class="comment"># 查找比file1更新的文件</span></span><br><span class="line">find . -size 100M   <span class="comment"># 查找大小为100M的文件</span></span><br><span class="line">find . -size +100k -size -1M    <span class="comment"># 查找大小在100k 到 1M的文件</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># atime:access time, 被读取或执行的时间  ctime:change time: 文件状态改变时间  mtime: modify time, 文件内容改变时间  通过stat命令查看这些时间</span></span><br><span class="line">find . -mtime 2   <span class="comment"># 往前3天内(2*24 - 3*24)前被修改的文件</span></span><br><span class="line">find . -mtime -2  <span class="comment"># 从2天前开始</span></span><br><span class="line">find . -mtime +2  <span class="comment"># 2天之前一直往前</span></span><br><span class="line">find . -mmin 2   <span class="comment"># 按分钟查找</span></span><br><span class="line"><span class="comment"># -mtime n : 计算方式:(current_time - file_time) / 86400</span></span><br></pre></td></tr></table></figure>
<h3 id="locate"><a href="#locate" class="headerlink" title="locate"></a>locate</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">locate <span class="built_in">pwd</span>      <span class="comment"># 类似find -name, 但该命令较快, 因为它是从数据库(/var/lib/locatedb)里查询, 可以使用updatedb命令更新数据</span></span><br><span class="line">locate ~/m      <span class="comment"># 查找以m开头的文件</span></span><br><span class="line">locate -i ~/m   <span class="comment"># 忽略大小写</span></span><br></pre></td></tr></table></figure>
<h3 id="which"><a href="#which" class="headerlink" title="which"></a>which</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="built_in">which</span> grep      <span class="comment"># 在PATH变量指定的路径中, 查询某个命令的位置, 并且返回第一个搜索结果</span></span><br></pre></td></tr></table></figure>
<h3 id="whereis"><a href="#whereis" class="headerlink" title="whereis"></a>whereis</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 只能搜索程序名, 而且只搜索二进制(-b), man文件(-m), 和源码(-s)</span></span><br><span class="line">whereis grep</span><br></pre></td></tr></table></figure>
<h3 id="type"><a href="#type" class="headerlink" title="type"></a>type</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 区分某个命令是否是shell自带的</span></span><br><span class="line"><span class="built_in">type</span> <span class="built_in">cd</span>     <span class="comment"># cd is a shell builtin</span></span><br><span class="line"><span class="built_in">type</span> grep   <span class="comment"># grep is /bin/grep</span></span><br><span class="line"><span class="built_in">type</span> -p grep    <span class="comment"># 加 -p 等同于which</span></span><br></pre></td></tr></table></figure>
<h3 id="sort"><a href="#sort" class="headerlink" title="sort"></a>sort</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># -f 忽略大小写, -C检查文件是否已排好序，如果乱序，不输出内容，仅返回1</span></span><br><span class="line">sort file   <span class="comment"># 文件中每行按首字母排序后打印</span></span><br><span class="line">sort -r file  <span class="comment"># 逆序</span></span><br><span class="line">ls -l . | sort -nk2   <span class="comment"># 按第2列排序, 默认ascii排序(会出现10 &lt; 2), 基于数字值排序时必须加n</span></span><br><span class="line">sort -nk2 -t : file   <span class="comment"># 按数字排序第2列, 使用:作为分隔符</span></span><br><span class="line">sort -u file   <span class="comment"># 不输出重复行</span></span><br><span class="line">sort file -o file   <span class="comment"># 排序后写入原文件</span></span><br><span class="line">sort -n -t : -k 3nr -k 2 file   <span class="comment"># 以:分隔列, 先按第3列倒叙排, 相同时再按第2列排序</span></span><br><span class="line">sort -n -k 2.2,3.1 file    <span class="comment"># 以第2列的第3个字符到第3列的第1个字符排序</span></span><br></pre></td></tr></table></figure>
<h3 id="uniq"><a href="#uniq" class="headerlink" title="uniq"></a>uniq</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">uniq -c     <span class="comment"># 显示重复次数</span></span><br><span class="line">uniq -U     <span class="comment"># 仅显示出现一次的列</span></span><br><span class="line">uniq -d 	<span class="comment"># 仅显示重复的列</span></span><br></pre></td></tr></table></figure>
<h2 id="wc"><a href="#wc" class="headerlink" title="wc"></a>wc</h2><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">wc -l	<span class="comment"># 统计行数</span></span><br><span class="line">wc -c	<span class="comment"># 统计字节数</span></span><br><span class="line">wc -m	<span class="comment"># 统计字符数， 不能与 -c 一起用</span></span><br><span class="line">wc -w	<span class="comment"># 统计字数，由空白、空格或换行符分隔</span></span><br></pre></td></tr></table></figure>
<h3 id="realpath"><a href="#realpath" class="headerlink" title="realpath"></a>realpath</h3><h3 id="readlink"><a href="#readlink" class="headerlink" title="readlink"></a>readlink</h3><h2 id="文件内容"><a href="#文件内容" class="headerlink" title="文件内容"></a>文件内容</h2><h3 id="cat-读取内容"><a href="#cat-读取内容" class="headerlink" title="cat  读取内容"></a>cat  读取内容</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">cat file1 file2    <span class="comment"># 顺序打印多个文件内容</span></span><br><span class="line">cat -n file        <span class="comment"># 每行前加行号</span></span><br><span class="line">cat -b file        <span class="comment"># 空白行不加行号</span></span><br><span class="line">cat file1 &gt; file2  <span class="comment"># 将file1的内容输入到file2, file2原有内容被清空</span></span><br><span class="line">cat file2 &gt;&gt; file2  <span class="comment"># file1文件追加到file2</span></span><br></pre></td></tr></table></figure>
<h3 id="grep-过滤"><a href="#grep-过滤" class="headerlink" title="grep 过滤"></a>grep 过滤</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br></pre></td><td class="code"><pre><span class="line">grep <span class="string">"the"</span> file</span><br><span class="line">grep <span class="string">"the"</span> file_*  <span class="comment"># 查找所有file_开头的文件</span></span><br><span class="line">grep -n <span class="string">"the"</span> file	<span class="comment"># 输出行号</span></span><br><span class="line">grep -i <span class="string">"the"</span> file  <span class="comment"># 不区分大小写查找</span></span><br><span class="line"></span><br><span class="line">grep <span class="string">"23;"</span> file		<span class="comment"># 23后是一个tab键</span></span><br><span class="line">grep <span class="string">"^$"</span> file	<span class="comment"># 搜索空行</span></span><br><span class="line">grep <span class="string">"centos[678]"</span> file	<span class="comment"># 正则</span></span><br><span class="line">grep <span class="string">"^[^48]"</span> file	<span class="comment"># 行首不是48</span></span><br><span class="line">grep <span class="string">"K...D"</span> file	<span class="comment"># 第2,3,4是任意字符</span></span><br><span class="line">grep <span class="string">"th.*"</span> file  <span class="comment"># 正则查找, 推荐用egrep 或 -e</span></span><br><span class="line">egrep <span class="string">"th.&#123;2&#125;"</span> file</span><br><span class="line">grep -v -e <span class="string">"^th"</span> -e <span class="string">"se$"</span> -e <span class="string">"at"</span>  <span class="comment"># 除了th开头, se结尾, 包含at 的其他行</span></span><br><span class="line">grep -w <span class="string">"is"</span> file  <span class="comment"># 完整匹配, 不会匹配上this/his, 只查找is</span></span><br><span class="line">grep -3 <span class="string">"the"</span> file	<span class="comment"># 输出匹配行及其前后3行</span></span><br><span class="line">grep -A 3 -i <span class="string">"the"</span> file  <span class="comment"># 输出匹配到的行, 及之后的3行</span></span><br><span class="line">grep -B 3 -i <span class="string">"the"</span> file  <span class="comment"># 输出匹配到的行, 及之前的3行</span></span><br><span class="line">grep -3 -i <span class="string">"the"</span> file  <span class="comment"># 输出匹配到的行, 及前后的3行, 可以写 -3i</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 高亮匹配到的字符</span></span><br><span class="line"><span class="built_in">export</span> GREP_OPTIONS=<span class="string">'--color=auto'</span> GREP_COLOR=<span class="string">'1;31'</span></span><br><span class="line">grep -w <span class="string">"is"</span> file</span><br><span class="line"></span><br><span class="line">grep -r <span class="string">'is'</span> *   <span class="comment"># 遍历查询当前目录及子目录中的所有文件</span></span><br><span class="line">grep -v <span class="string">"is"</span> file  <span class="comment"># 查找不包含is的行</span></span><br><span class="line">grep -c <span class="string">"is"</span> file  <span class="comment"># 统计匹配到的行数, 再加-v统计不包含的行数</span></span><br><span class="line">grep -l <span class="string">"is"</span> *.conf  <span class="comment"># 打印内容匹配上的行所在的文件名</span></span><br><span class="line">grep -o <span class="string">"is.*good"</span>   <span class="comment"># 只打印匹配上的字符串, 而不是打印整行内容</span></span><br></pre></td></tr></table></figure>
<h3 id="tar-压缩包"><a href="#tar-压缩包" class="headerlink" title="tar 压缩包"></a>tar 压缩包</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># -c :创建压缩文件;  -x :解压压缩文件; -t :查看压缩文件</span></span><br><span class="line"><span class="comment"># -v :verbose  -f :file</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 创建压缩文件</span></span><br><span class="line">tar cvf xxx.tar dirname/	   <span class="comment"># 压缩文件夹</span></span><br><span class="line">tar cvf xxx.tar file1 file2	   <span class="comment"># 压缩多个文件</span></span><br><span class="line">tar cvzf xxx.tar.gz dirname/   <span class="comment"># gzip压缩</span></span><br><span class="line">tar cvjf xxx.tar.bz2 dirname/  <span class="comment"># bzip2压缩</span></span><br><span class="line">tar cavf xxx.tar.yy file  <span class="comment"># 根据文件后缀yy自动选择压缩程序</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 解压</span></span><br><span class="line">tar xvf xxx.tar</span><br><span class="line">tar xvzf xxx.tar.gz</span><br><span class="line">tar xvjf xxx.tar.bz2</span><br><span class="line">tar xavf xxx.tar.yy   <span class="comment"># 根据文件后缀yy自动选择压缩程序</span></span><br><span class="line">tar xvf xxx.tar /path/to/file  <span class="comment">#从压缩文件中解压出file文件</span></span><br><span class="line">tar xvf xxx.tar /path/to/dir1/ /path/to/dir2/  <span class="comment">#从压缩文件中解压出dir1, dir2两个目录</span></span><br><span class="line">tar xvf xxx.tar --wildcards <span class="string">"*.txt"</span>  <span class="comment"># 只解压出压缩文件中的txt文件</span></span><br><span class="line">tar xvf xxx.tar -C path/dir		<span class="comment"># 解压到指定文件夹</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 往tar文件中添加文件, 不可以往gz/bz2文件中添加</span></span><br><span class="line">tar rvf xxx.tar newfile</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看压缩文件内的文件</span></span><br><span class="line">tar tvf xxx.tar</span><br><span class="line">tar tvzf xxx.tar.gz</span><br><span class="line">tar tvjf xxx.tar.bz2</span><br></pre></td></tr></table></figure>
<h3 id="tail-head-头尾"><a href="#tail-head-头尾" class="headerlink" title="tail/head 头尾"></a>tail/head 头尾</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">head file       <span class="comment"># 默认展示前10行</span></span><br><span class="line">head -5 file    <span class="comment"># 前5行</span></span><br><span class="line">head -n 5 file      <span class="comment"># 前5行</span></span><br><span class="line">head -c 5 file      <span class="comment"># 前5个字符</span></span><br><span class="line">head -n -5 file     <span class="comment"># 除了最后5行的其他行</span></span><br><span class="line">head -n 20 file | tail -n 10    <span class="comment"># 查看前20行中的后10行</span></span><br></pre></td></tr></table></figure>
<h3 id="less-more-分段浏览"><a href="#less-more-分段浏览" class="headerlink" title="less/more 分段浏览"></a>less/more 分段浏览</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># more只能往后看, less可以看后翻页</span></span><br><span class="line"><span class="comment"># ctrl + F :前移1屏   ctrl + B :后移1屏   ctrl + D :前移半屏    ctrl + U :后移半屏</span></span><br><span class="line"><span class="comment"># j :前移1行  k :后移1行   G :移动到最后1行  g :移动到首行  q :退出</span></span><br><span class="line"><span class="comment"># /xxx :向前查找， 按n/N查找下/上一个结果       ?xxx :后查找</span></span><br><span class="line"><span class="built_in">history</span> | less</span><br><span class="line">less -N xxx.txt    <span class="comment"># 显示行号</span></span><br><span class="line">less -m xxx.txt    <span class="comment"># 显示百分比</span></span><br></pre></td></tr></table></figure>
<h3 id="cut切分"><a href="#cut切分" class="headerlink" title="cut切分"></a>cut切分</h3><h3 id="sed-基于正则的流处理器"><a href="#sed-基于正则的流处理器" class="headerlink" title="sed 基于正则的流处理器"></a>sed 基于正则的流处理器</h3><p>sed是一种在线编辑器, 每次处理一行内容. 处理时, 把当前行存储在临时缓冲区中, 称为”模式空间”(pattern space), 接着sed命令处理缓冲区中的内容. 处理完成后, 将缓冲区内容输出到屏幕. 然后接着处理下一行, 直至文件结束.</p>
<h5 id="打印-p参数"><a href="#打印-p参数" class="headerlink" title="打印   p参数"></a>打印   p参数</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 匹配fish并输出, 但是匹配到的行被输出了2遍, 这是因为sed会把待处理的信息也输出了</span></span><br><span class="line">sed <span class="string">'/fish/p'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 使用-n参数只输出匹配到的行</span></span><br><span class="line">sed -n <span class="string">'/fish/p'</span> input.txt</span><br><span class="line"><span class="comment"># 输出匹配 fish 或者 dog 的行</span></span><br><span class="line">sed -n <span class="string">'/fish/,/dog/p'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 从第一行打印到匹配fish的那一行</span></span><br><span class="line">sed -n <span class="string">'1,/fish/p'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 打印匹配到dog后的3行</span></span><br><span class="line">sed -n <span class="string">'/dog/,+3p'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="文本替换-s参数"><a href="#文本替换-s参数" class="headerlink" title="文本替换  s参数"></a>文本替换  s参数</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 把一行上的每个(/g)单词 my 都替换成 your, 所有行都处理</span></span><br><span class="line"><span class="comment"># 但不会改动input.txt, 只是会输出每一行的内容(即使该行没被处理也输出)</span></span><br><span class="line">sed <span class="string">'s/my/your/g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 如果想用处理后的内容覆盖原文件, 则需要加 -i 参数</span></span><br><span class="line">sed -i <span class="string">'s/my/your/g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 在每行前面增加 # </span></span><br><span class="line">sed -i <span class="string">'s/^/#/g'</span> input.txt</span><br><span class="line"><span class="comment"># 在每行后面增加 ===</span></span><br><span class="line">sed -i <span class="string">'s/$/===/g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 指定处理的行范围(第3到6行)</span></span><br><span class="line">sed -i <span class="string">'3,6s/my/your/g'</span> input.txt</span><br><span class="line"><span class="comment"># 从匹配到的行开始后面连续3行, 在行首加#</span></span><br><span class="line">sed -i <span class="string">'/my/,+3s/^/#/g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 只替换每行的第一个a</span></span><br><span class="line">sed -i <span class="string">'s/a/A/1'</span> input.txt</span><br><span class="line"><span class="comment"># 替换每行的第二个a</span></span><br><span class="line">sed -i <span class="string">'s/a/A/2'</span> input.txt</span><br><span class="line"><span class="comment"># 替换每行的第三个以后的所有a</span></span><br><span class="line">sed -i <span class="string">'s/a/A/3g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 可以一次匹配多个模式, 先把第一到第三行的my替换成your, 再把第三行以后的This替换成That</span></span><br><span class="line">sed <span class="string">'1,3s/my/your/g; 3,$s/This/That/g'</span> input.txt</span><br><span class="line">sed -e <span class="string">'1,3s/my/your/g'</span> -e <span class="string">'3,$s/This/That/g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 可以使用&amp;表示被匹配到的变量, 将单词my用[]包裹起来</span></span><br><span class="line">sed <span class="string">'s/my/[&amp;]/g'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 使用正则中的分组功能, 圆括号定义分组, \1, \2表示匹配到的分组变量</span></span><br><span class="line">sed <span class="string">'s/my (\w+)/\1/g'</span> input.txt  <span class="comment"># 输出my后面跟着的字符</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># N命令可以把下一行内容当成缓冲区做匹配, 效果就是隔行处理</span></span><br><span class="line">sed <span class="string">'N;s/\n/,/'</span> input.txt  <span class="comment"># 把1,2  3,4  5,6 合并成一行, 用,分隔</span></span><br></pre></td></tr></table></figure>
<h5 id="地址表示法"><a href="#地址表示法" class="headerlink" title="地址表示法"></a>地址表示法</h5><table>
<thead>
<tr>
<th>表达式</th>
<th>说明</th>
</tr>
</thead>
<tbody>
<tr>
<td>n</td>
<td>行号</td>
</tr>
<tr>
<td>$</td>
<td>最后一行</td>
</tr>
<tr>
<td>/regexp/</td>
<td>所有匹配该正则的文本行</td>
</tr>
<tr>
<td>addr1,addr2</td>
<td>从addr1到addr2范围内的文本行, 包含addr2</td>
</tr>
<tr>
<td>first~step</td>
<td>从first行开始, 每个step的文本行, 例: 1~2值每个奇数行</td>
</tr>
<tr>
<td>addr1,+n</td>
<td>从addr1开始到后面的n行</td>
</tr>
<tr>
<td>addr!</td>
<td>除了addr之外的其他文本行</td>
</tr>
</tbody>
</table>
<h5 id="在行前插入一行-i参数"><a href="#在行前插入一行-i参数" class="headerlink" title="在行前插入一行   i参数"></a>在行前插入一行   i参数</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 在第一行前插入一行 This is a test line</span></span><br><span class="line">sed <span class="string">'1 i This is a test line'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="在行后插入一行-a参数"><a href="#在行后插入一行-a参数" class="headerlink" title="在行后插入一行   a参数"></a>在行后插入一行   a参数</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 在第一行后插入一行 This is a test line</span></span><br><span class="line">sed <span class="string">'1 a This is a test line'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 匹配到fish就在这一行后面追加一行</span></span><br><span class="line">sed <span class="string">'/fish/a This is a test line'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="替换匹配行-c参数"><a href="#替换匹配行-c参数" class="headerlink" title="替换匹配行    c参数"></a>替换匹配行    c参数</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 替换第二行</span></span><br><span class="line">sed <span class="string">'2 c This is a test line'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="删除匹配行-d参数"><a href="#删除匹配行-d参数" class="headerlink" title="删除匹配行   d参数"></a>删除匹配行   d参数</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 删除1到3行</span></span><br><span class="line">sed <span class="string">'1,3d'</span> input.txt</span><br><span class="line"><span class="comment"># 从第2行到最后全部删除</span></span><br><span class="line">sed <span class="string">'2,$d'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 删除含有fish的行</span></span><br><span class="line">sed <span class="string">'/fish/d'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="命令打包"><a href="#命令打包" class="headerlink" title="命令打包"></a>命令打包</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 对3到6行, 匹配到This就删除这一行</span></span><br><span class="line">sed <span class="string">'3,6 &#123;/This/d&#125;'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 对3到6行, 匹配This后再匹配fish, 匹配到之后删除这一行</span></span><br><span class="line">sed <span class="string">'3,6 &#123;/This/&#123;/fish/d&#125;&#125;'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 从第一行到最后, 如果匹配到This则删除, 如果前面有空格则去除空格</span></span><br><span class="line">sed <span class="string">'1,$ &#123;/This/d; s/^ *//g&#125;'</span> input.txt</span><br></pre></td></tr></table></figure>
<h3 id="awk-格式化流处理器"><a href="#awk-格式化流处理器" class="headerlink" title="awk 格式化流处理器"></a>awk 格式化流处理器</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 打印第1列和第3列   $0表示整行</span></span><br><span class="line">cat <span class="string">'&#123;print $1, $4&#125;'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 格式化打印</span></span><br><span class="line">awk <span class="string">'&#123;printf "%-8s %-8s %-8s %-18s %-22s %-15s\n",$1,$2,$3,$4,$5,$6&#125;'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment">#从file文件中找出长度大于80的行</span></span><br><span class="line">awk <span class="string">'length&gt;80'</span> file</span><br><span class="line"></span><br><span class="line"><span class="comment">#按连接数查看客户端IP</span></span><br><span class="line">netstat -ntu | awk <span class="string">'&#123;print $5&#125;'</span> | cut -d: -f1 | sort | uniq -c | sort -nr</span><br><span class="line"></span><br><span class="line"><span class="comment">#打印99乘法表</span></span><br><span class="line">seq 9 | sed <span class="string">'H;g'</span> | awk -v RS=<span class="string">''</span> <span class="string">'&#123;for(i=1;i&lt;=NF;i++)printf("%dx%d=%d%s", i, NR, i*NR, i==NR?"\n":"\t")&#125;'</span></span><br></pre></td></tr></table></figure>
<h5 id="过滤记录"><a href="#过滤记录" class="headerlink" title="过滤记录"></a>过滤记录</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 第3列等于0 且 第6列等于LISTEN  还有 !=  &lt;  &lt;=  &gt;  &gt;=</span></span><br><span class="line">awk <span class="string">'$3==0 &amp;&amp; $6=="LISTEN"'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 过滤后只输出第7列</span></span><br><span class="line">awk <span class="string">'$3==0 &amp;&amp; $6=="LISTEN" &#123;print $7&#125;'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># 同时输出表头, 引入内建变量NR</span></span><br><span class="line">awk <span class="string">'$3==0 &amp;&amp; $6=="LISTEN" || NR==1'</span> input.txt</span><br><span class="line"><span class="comment"># 再加上格式化输出</span></span><br><span class="line">awk <span class="string">'$3==0 &amp;&amp; $6=="LISTEN" || NR==1 &#123;printf "%-20s %-20s %s\n",$4,$5,$6&#125;'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="内建变量"><a href="#内建变量" class="headerlink" title="内建变量"></a>内建变量</h5><table>
<thead>
<tr>
<th>变量名</th>
<th>说明</th>
</tr>
</thead>
<tbody>
<tr>
<td>$0</td>
<td>当前记录, 即整行内容</td>
</tr>
<tr>
<td>$1 ~ $n</td>
<td>当前记录的第n个字段, 字段间由FS分隔</td>
</tr>
<tr>
<td>FS</td>
<td>输入字段分隔符, 默认是空格或Tab</td>
</tr>
<tr>
<td>NF</td>
<td>当前记录的字段个数, 即有多少列</td>
</tr>
<tr>
<td>NR</td>
<td>已经读出的记录数, 即行号, 从1开始, 如果有多个文件, 该值会不断累加</td>
</tr>
<tr>
<td>FNR</td>
<td>当前记录数, 与NR不同的是, 该值是各个文件自己的行号</td>
</tr>
<tr>
<td>RS</td>
<td>输入的记录分隔符, 默认为换行符</td>
</tr>
<tr>
<td>OFS</td>
<td>输入字段分隔符, 默认为空格</td>
</tr>
<tr>
<td>ORS</td>
<td>输出记录分隔符, 默认为换行符</td>
</tr>
<tr>
<td>FILENAME</td>
<td>当前输入文件的名称</td>
</tr>
</tbody>
</table>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">awk <span class="string">'$1=="tcp6" &amp;&amp; $6=="LISTEN" &#123;printf "%s %-20s %s\n", NR,$4,$5&#125;'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="指定分隔符"><a href="#指定分隔符" class="headerlink" title="指定分隔符"></a>指定分隔符</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line">awk <span class="string">'BEGIN&#123;FS=":"&#125; &#123;print $1,$3,$6&#125;'</span> /etc/passwd</span><br><span class="line"><span class="comment"># 等价于</span></span><br><span class="line">awk -F: <span class="string">'&#123;print $1,$3,$6&#125;'</span> /etc/passwd</span><br><span class="line"><span class="comment"># 指定多个分隔符</span></span><br><span class="line">awk -F <span class="string">'[;:]'</span>  <span class="string">'&#123;print $1,$3,$6&#125;'</span> /etc/passwd</span><br><span class="line"></span><br><span class="line"><span class="comment"># 指定输出分隔符</span></span><br><span class="line">awk -F: <span class="string">'&#123;print $1,$3,$6&#125;'</span> OFS=<span class="string">"\t"</span> /etc/passwd</span><br></pre></td></tr></table></figure>
<h5 id="字符串匹配"><a href="#字符串匹配" class="headerlink" title="字符串匹配"></a>字符串匹配</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 过滤第6列匹配WAIT   ~ 表示模式开始   //中是模式</span></span><br><span class="line">awk <span class="string">'$6 ~ /WAIT/ || NR==1 &#123;print NR,$4,$5,$6&#125;'</span> OFS=<span class="string">"\t"</span> input.txt</span><br><span class="line"><span class="comment"># 条件 或</span></span><br><span class="line">awk <span class="string">'$6 ~ /WAIT|FIN/ || NR==1 &#123;print NR,$4,$5,$6&#125;'</span> OFS=<span class="string">"\t"</span> input.txt</span><br><span class="line"><span class="comment"># 取反</span></span><br><span class="line">awk <span class="string">'$6 !~ /WAIT/ || NR==1 &#123;print NR,$4,$5,$6&#125;'</span> OFS=<span class="string">"\t"</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="拆分文件"><a href="#拆分文件" class="headerlink" title="拆分文件"></a>拆分文件</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 按第6列分隔文件   NR!=1表示不处理第一行</span></span><br><span class="line">awk <span class="string">'NR!=1&#123;print &gt; $6&#125;'</span> input.txt</span><br><span class="line"><span class="comment"># 只输出指定列到文件</span></span><br><span class="line">awk <span class="string">'NR!=1&#123;print $4,$5 &gt; $6&#125;'</span> input.txt</span><br><span class="line"></span><br><span class="line"><span class="comment"># awk就是个脚本解释器</span></span><br><span class="line">awk <span class="string">'NR!=1&#123;if($6 ~ /TIME|ESTABLISHED/) print &gt; "1.txt";</span></span><br><span class="line"><span class="string">else if($6 ~ /LISTEN/) print &gt; "2.txt";</span></span><br><span class="line"><span class="string">else print &gt; "3.txt"&#125;'</span> input.txt</span><br></pre></td></tr></table></figure>
<h5 id="统计"><a href="#统计" class="headerlink" title="统计"></a>统计</h5><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 计算文件大小总和</span></span><br><span class="line">ls -l *.cpp *.c *.h | awk <span class="string">'&#123;sum+=$5&#125; END &#123;print sum&#125;'</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 统计每个用户的进程占用多少内存</span></span><br><span class="line">ps aux | awk <span class="string">'NR!=1&#123;a[$1]+=$6;&#125; END &#123; for(i in a) print i ", " a[i]"KB"; &#125;'</span></span><br></pre></td></tr></table></figure>
<h5 id="awk脚本"><a href="#awk脚本" class="headerlink" title="awk脚本"></a>awk脚本</h5><p>语法如下:</p>
<ul>
<li>BEGIN{ 这里面放的是执行前的语句 }</li>
<li>{这里面放的是处理每一行时要执行的语句}</li>
<li>END {这里面放的是处理完所有的行后要执行的语句 }</li>
</ul>
<p>示例</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br></pre></td><td class="code"><pre><span class="line">$ cat score.txt</span><br><span class="line">Marry   2143 78 84 77</span><br><span class="line">Jack    2321 66 78 45</span><br><span class="line">Tom     2122 48 77 71</span><br><span class="line">Mike    2537 87 97 95</span><br><span class="line">Bob     2415 40 57 62</span><br><span class="line"></span><br><span class="line">$ cat cal.awk</span><br><span class="line"><span class="comment">#!/bin/awk -f</span></span><br><span class="line"><span class="comment">#运行前</span></span><br><span class="line">BEGIN &#123;</span><br><span class="line">    math = 0</span><br><span class="line">    english = 0</span><br><span class="line">    computer = 0</span><br><span class="line">    <span class="built_in">printf</span> <span class="string">"NAME    NO.   MATH  ENGLISH  COMPUTER   TOTAL\n"</span></span><br><span class="line">    <span class="built_in">printf</span> <span class="string">"---------------------------------------------\n"</span></span><br><span class="line">&#125;</span><br><span class="line"><span class="comment">#运行中</span></span><br><span class="line">&#123;</span><br><span class="line">    math+=<span class="variable">$3</span></span><br><span class="line">    english+=<span class="variable">$4</span></span><br><span class="line">    computer+=<span class="variable">$5</span></span><br><span class="line">    <span class="built_in">printf</span> <span class="string">"%-6s %-6s %4d %8d %8d %8d\n"</span>, <span class="variable">$1</span>, <span class="variable">$2</span>, <span class="variable">$3</span>,<span class="variable">$4</span>,<span class="variable">$5</span>, <span class="variable">$3</span>+<span class="variable">$4</span>+<span class="variable">$5</span></span><br><span class="line">&#125;</span><br><span class="line"><span class="comment">#运行后</span></span><br><span class="line">END &#123;</span><br><span class="line">    <span class="built_in">printf</span> <span class="string">"---------------------------------------------\n"</span></span><br><span class="line">    <span class="built_in">printf</span> <span class="string">"  TOTAL:%10d %8d %8d \n"</span>, math, english, computer</span><br><span class="line">    <span class="built_in">printf</span> <span class="string">"AVERAGE:%10.2f %8.2f %8.2f\n"</span>, math/NR, english/NR, computer/NR</span><br><span class="line">&#125;</span><br><span class="line"></span><br><span class="line">$ awk -f cal.awk score.txt</span><br><span class="line">NAME    NO.   MATH  ENGLISH  COMPUTER   TOTAL</span><br><span class="line">---------------------------------------------</span><br><span class="line">Marry  2143     78       84       77      239</span><br><span class="line">Jack   2321     66       78       45      189</span><br><span class="line">Tom    2122     48       77       71      196</span><br><span class="line">Mike   2537     87       97       95      279</span><br><span class="line">Bob    2415     40       57       62      159</span><br><span class="line">---------------------------------------------</span><br><span class="line">  TOTAL:       319      393      350</span><br><span class="line">AVERAGE:     63.80    78.60    70.00</span><br></pre></td></tr></table></figure>
<h5 id="环境变量"><a href="#环境变量" class="headerlink" title="环境变量"></a>环境变量</h5><p>使用<code>-v</code>和<code>ENVIRON</code>与环境变量交互, 使用<code>ENVIRON</code>的环境变量需要<strong>export</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line">$ x=5</span><br><span class="line">$ y=10</span><br><span class="line">$ <span class="built_in">export</span> y</span><br><span class="line">$ <span class="built_in">echo</span> <span class="variable">$x</span> <span class="variable">$y</span></span><br><span class="line">5 10</span><br><span class="line">$ awk -v val=<span class="variable">$x</span> <span class="string">'&#123;print $1, $2, $3, $4+val, $5+ENVIRON["y"]&#125;'</span> OFS=<span class="string">"\t"</span> score.txt</span><br><span class="line">Marry   2143    78      89      87</span><br><span class="line">Jack    2321    66      83      55</span><br><span class="line">Tom     2122    48      82      81</span><br><span class="line">Mike    2537    87      102     105</span><br><span class="line">Bob     2415    40      62      72</span><br></pre></td></tr></table></figure>
<h2 id="系统信息"><a href="#系统信息" class="headerlink" title="系统信息"></a>系统信息</h2><h3 id="uname"><a href="#uname" class="headerlink" title="uname"></a>uname</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">uname -a    <span class="comment"># Linux host.localdomain 4.10.5-1.el6.elrepo.x86_64 #1 SMP Wed Mar 22 14:55:33 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux</span></span><br></pre></td></tr></table></figure>
<h3 id="passwd"><a href="#passwd" class="headerlink" title="passwd"></a>passwd</h3><p>存放用户信息:</p>
<blockquote>
<p>/etc/passwd<br>/etc/shadow</p>
</blockquote>
<p>存放组信息:</p>
<blockquote>
<p>/etc/group<br>/etc/gshadow</p>
</blockquote>
<p>用户文件信息组成:</p>
<blockquote>
<p>例: jack:X:503:504:::/home/jack/:/bin/bash<br>jack  //用户名<br>X     //口令,密码<br>503   //用户id, 0代表root, 普通用户从500开始<br>504   //所在组<br>:  //描述<br>/home/jack/        //用户的家目录<br>/bin/bash     // 用户默认shell</p>
</blockquote>
<p>组文件信息组成:</p>
<blockquote>
<p>例: jack:$!$:???:13801:0:99999:7:<em>:</em>:<br>jack          // 组名<br>$!$           // 被加密的口令<br>13801         // 创建日期与今天相隔的天数<br>0             // 口令的最短位数<br>99999      // 用户口令<br>7          // 到7天时提醒<br>*          // 禁用天数<br>*          // 过期天数</p>
</blockquote>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">passwd  <span class="comment"># 命令行修改密码, 先输入旧的, 再输入新的</span></span><br><span class="line">passwd USERNAME    <span class="comment"># root用户可以修改其他用户的密码</span></span><br><span class="line">passwd -d USERNAME   <span class="comment"># root用户可以删除别的用户的密码, 删除后该用户可以不输入密码进入系统</span></span><br><span class="line">passwd -S USERNAME   <span class="comment"># 查看用户密码信息, 看不到密码内容</span></span><br></pre></td></tr></table></figure>
<h3 id="top-任务管理器"><a href="#top-任务管理器" class="headerlink" title="top 任务管理器"></a>top 任务管理器</h3><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br></pre></td><td class="code"><pre><span class="line">$ top</span><br><span class="line">top - 16:41:15 up 58 days,  4:44,  1 user,  load average: 0.18, 0.23, 0.22</span><br><span class="line">Tasks: 137 total,   1 running, 136 sleeping,   0 stopped,   0 zombie</span><br><span class="line">Cpu(s):  1.3%us,  0.6%sy,  0.0%ni, 97.5%id,  0.4%wa,  0.0%hi,  0.0%si,  0.2%st</span><br><span class="line">Mem:   3918972k total,  3714896k used,   204076k free,     9192k buffers</span><br><span class="line">Swap:  2096440k total,    59020k used,  2037420k free,   194376k cached</span><br><span class="line"></span><br><span class="line">  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND</span><br><span class="line"> 4667 sankai   20   0 2608m  30m 4608 S  4.0  0.8   1069:43 sg_agent</span><br><span class="line">30349 nobody    20   0 7251m 3.0g  12m S  4.0 80.1 114:47.91 java</span><br><span class="line"> 4617 sankai   20   0  308m 6644 2712 S  2.0  0.2  81:07.54 cplugin</span><br><span class="line">    1 root      20   0 51236  27m  536 S  0.0  0.7   0:03.28 init</span><br></pre></td></tr></table></figure>
<p>前5行为信息统计区:</p>
<ol>
<li><strong>16:41:15</strong> - 系统当前时间;  <strong>up 58 days,  4:44</strong> - 运行时长, 期间没有重启过; <strong>1user</strong> - 当前有1个用户登录; <strong>load average: 0.18, 0.23, 0.22</strong> - 系统在过去<strong><em>1</em>分钟</strong>, <strong><em>5</em>分钟</strong>, <strong><em>15</em>分钟</strong>的负载情况</li>
<li>系统当前有137个进程, 1个在运行, 136个在休眠, 0个停止, 0个僵尸态</li>
<li><em>1.3%us</em> - 用户空间占用CPU的百分比; <em>0.6%sy</em> - 内核空间占用CPU的百分比; <em>0.0%ni</em> - 改变过优先级的进程占用CPU的百分比; <em>97.5%id</em> - 空闲CPU百分比;  <em>0.4%wa</em> - IO等待占用CPU百分比; <em>0.0%hi</em> - 硬中断(Hardware Interrunpt)占用CPU百分比; <em>0.2%st</em> - 软中断占用CPU百分比</li>
<li><em>3918972k total</em> - 物理内存总容量(4G); <em>3714896k used</em> - 使用中的内存容量; <em>204076k free</em> - 空闲的内存容量; <em>9192k buffers</em> - 缓存的内存容量</li>
<li><em>2096440k total</em> - 交换区总容量(2G); <em>59020k used</em> - 使用的交换区容量; <em>2037420k free</em> - 空闲的交换区容量; <em>194376k cached</em> - 缓冲的交换区容量</li>
<li>空行</li>
<li>进程状态<ol>
<li>PID - 进程id</li>
<li>USER - 进程所有者</li>
<li>PR - 进程优先级</li>
<li>NI - nice值, 负值表示高优先级, 正值表示低优先级</li>
<li>VIRT - 进程使用的虚拟内存总量, 单位KB, VIRT=SWAP+RES</li>
<li>RES - 进程使用的未被换出的物理内存大小, KB. RES=CODE+DATA</li>
<li>SHR - 共享内存大小, KB.</li>
<li>S - 进程状态</li>
<li>%CPU - 上次更新到现在的CPU时间占用百分比</li>
<li>%MEN - 进程使用的物理内存百分比</li>
<li>TIME+ - 进程使用的CPU时间总计, 单位: 1/100秒</li>
<li>COMMAND - 进程使用的命令</li>
</ol>
</li>
</ol>
<blockquote>
<p>load average : 处理进程占CPU能力的百分比, 每隔5秒钟检查一次. 如果CPU每分钟最多处理100个进程，那么系统负荷0.2，意味着CPU在这1分钟里只处理了20个进程. 超过1说明有进程在排队等待CPU处理. 单CPU时负载大于0.7就需要注意了. 达到5时系统基本死机状态.<br><code>cat /proc/cpuinfo</code> 命令可查看CPU信息, <code>grep -c &#39;model name&#39; /proc/cpuinfo</code> 查看cpu核心数. <strong>负载值不要超过核心数</strong><br>应该关注15分钟的负载值, 1分钟的说明只是暂时现象<br>第四行中使用中的内存总量（used）指的是现在系统内核控制的内存数，空闲内存总量（free）是内核还未纳入其管控范围的数量。纳入内核管理的内存不见得都在使用中，还包括过去使用过的现在可以被重复利用的内存，内核并不把这些可被重新使用的内存交还到free中去，因此在linux上free内存会越来越少，但不用为此担心。<br>如果出于习惯去计算可用内存数，这里有个近似的计算公式：第四行的free + 第四行的buffers + 第五行的cached，按这个公式此台服务器的可用内存：18537836k +169884k +3612636k = 22GB左右。<br>对于内存监控，在top里我们要时刻监控第五行swap交换分区的used，如果这个数值在不断的变化，说明内核在不断进行内存和swap的数据交换，这是真正的内存不够用了。</p>
</blockquote>
<h4 id="查看线程"><a href="#查看线程" class="headerlink" title="查看线程"></a>查看线程</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">top -H -p 1234</span><br></pre></td></tr></table></figure>
<h4 id="交互操作"><a href="#交互操作" class="headerlink" title="交互操作"></a>交互操作</h4><p><code>q</code> 退出top命令<br><code>&lt;Space&gt;</code> 立即刷新<br><code>s</code> 设置刷新时间间隔<br><strong><code>c</code></strong> 显示命令完全模式<br><code>t</code> 显示或隐藏进程和CPU状态信息<br><code>m</code> 显示或隐藏内存状态信息<br><code>l</code> 显示或隐藏uptime信息<br><code>f</code> 增加或减少进程显示标志<br><code>S</code> 累计模式，会把已完成或退出的子进程占用的CPU时间累计到父进程的MITE+<br><strong><code>P</code></strong> 按%CPU使用率排行<br><code>T</code> 按MITE+排行<br><code>M</code> 按%MEM排行<br><code>u</code> 指定显示用户进程<br><code>r</code> 修改进程renice值<br><code>kkill</code> 进程<br><code>i</code> 只显示正在运行的进程<br><code>W</code> 保存对top的设置到文件^/.toprc，下次启动将自动调用toprc文件的设置<br><code>1</code> 显示各逻辑CPU状况<br><code>h</code> 帮助命令</p>
<h3 id="ps-查看进程"><a href="#ps-查看进程" class="headerlink" title="ps  查看进程"></a>ps  查看进程</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># linux进程状态: 运行(R), 可中断的睡眠状态(S), 不可中断的睡眠状态(D), 僵尸(Z), 停止(T), 退出,即将被销毁(X)</span></span><br><span class="line"><span class="comment"># 输出列含义: PID: 进程id  %CPU:使用CPU资源占比  %MEM:所占内存百分比  VSZ:用掉的虚拟内容(KB)  RSS:占用的固定的内存(KB)  TTY:在哪个终端上运作  STAT:当前状态 TIME:用掉的CPU时间  CMD:使用的命令</span></span><br><span class="line">px -ef 	    <span class="comment"># 显示进程信息, 包括命令行, 比axu多了父进程id, 且运行时间以时分秒格式显示</span></span><br><span class="line">ps aux      <span class="comment"># 显示进程信息, 包括命令行, CPU/内存使用率, 运行数据为分秒格式</span></span><br><span class="line">ps auxww    <span class="comment"># 包含完整的命令路径</span></span><br><span class="line">ps --user $(id -u) f       <span class="comment"># 树状展示当前用户的进程</span></span><br><span class="line">ps -o ppid= -p pid      <span class="comment"># 展示某个进程的父进程id</span></span><br><span class="line">ps -u root  <span class="comment"># 显示指定用户启动的进程</span></span><br><span class="line">ps -efL  <span class="comment"># 显示线程信息</span></span><br><span class="line">ps axjf  <span class="comment"># 显示线程信息</span></span><br></pre></td></tr></table></figure>
<h2 id="网络"><a href="#网络" class="headerlink" title="网络"></a>网络</h2><h3 id="iptables-防火墙"><a href="#iptables-防火墙" class="headerlink" title="iptables 防火墙"></a>iptables 防火墙</h3><p><strong>语法</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">iptables(选项)(参数)</span><br></pre></td></tr></table></figure>
<p><strong>选项</strong></p>
<figure class="highlight"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br></pre></td><td class="code"><pre><span class="line">-t, --table table 对指定的表 table 进行操作， table 必须是 raw， nat，filter，mangle 中的一个。如果不指定此选项，默认的是 filter 表。</span><br><span class="line"></span><br><span class="line"><span class="comment"># 通用匹配：源地址目标地址的匹配</span></span><br><span class="line">-p：指定要匹配的数据包协议类型；</span><br><span class="line">-s, --source [!] address[/mask] ：把指定的一个／一组地址作为源地址，按此规则进行过滤。当后面没有 mask 时，address 是一个地址，比如：192.168.1.1；当 mask 指定时，可以表示一组范围内的地址，比如：192.168.1.0/255.255.255.0。</span><br><span class="line">-d, --destination [!] address[/mask] ：地址格式同上，但这里是指定地址为目的地址，按此进行过滤。</span><br><span class="line">-i, --in-interface [!] &lt;网络接口name&gt; ：指定数据包的来自来自网络接口，比如最常见的 eth0 。注意：它只对 INPUT，FORWARD，PREROUTING 这三个链起作用。如果没有指定此选项， 说明可以来自任何一个网络接口。同前面类似，"!" 表示取反。</span><br><span class="line">-o, --out-interface [!] &lt;网络接口name&gt; ：指定数据包出去的网络接口。只对 OUTPUT，FORWARD，POSTROUTING 三个链起作用。</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看管理命令</span></span><br><span class="line">-L, --list [chain] 列出链 chain 上面的所有规则，如果没有指定链，列出表上所有链的所有规则。</span><br><span class="line"></span><br><span class="line"><span class="comment"># 规则管理命令</span></span><br><span class="line">-A, --append chain rule-specification 在指定链 chain 的末尾插入指定的规则，也就是说，这条规则会被放到最后，最后才会被执行。规则是由后面的匹配来指定。</span><br><span class="line">-I, --insert chain [rulenum] rule-specification 在链 chain 中的指定位置插入一条或多条规则。如果指定的规则号是1，则在链的头部插入。这也是默认的情况，如果没有指定规则号。</span><br><span class="line">-D, --delete chain rule-specification -D, --delete chain rulenum 在指定的链 chain 中删除一个或多个指定规则。</span><br><span class="line">-R num：Replays替换/修改第几条规则</span><br><span class="line"></span><br><span class="line"><span class="comment"># 链管理命令（这都是立即生效的）</span></span><br><span class="line">-P, --policy chain target ：为指定的链 chain 设置策略 target。注意，只有内置的链才允许有策略，用户自定义的是不允许的。</span><br><span class="line">-F, --flush [chain] 清空指定链 chain 上面的所有规则。如果没有指定链，清空该表上所有链的所有规则。</span><br><span class="line">-N, --new-chain chain 用指定的名字创建一个新的链。</span><br><span class="line">-X, --delete-chain [chain] ：删除指定的链，这个链必须没有被其它任何规则引用，而且这条上必须没有任何规则。如果没有指定链名，则会删除该表中所有非内置的链。</span><br><span class="line">-E, --rename-chain old-chain new-chain ：用指定的新名字去重命名指定的链。这并不会对链内部造成任何影响。</span><br><span class="line">-Z, --zero [chain] ：把指定链，或者表中的所有链上的所有计数器清零。</span><br><span class="line"></span><br><span class="line">-j, --jump target &lt;指定目标&gt; ：即满足某条件时该执行什么样的动作。target 可以是内置的目标，比如 ACCEPT，也可以是用户自定义的链。</span><br><span class="line">-h：显示帮助信息；</span><br></pre></td></tr></table></figure>
<p><strong>基本参数</strong></p>
<table>
<thead>
<tr>
<th style="text-align:center">参数</th>
<th style="text-align:left">作用</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">-P</td>
<td style="text-align:left">设置默认策略:iptables -P INPUT (DROP</td>
</tr>
<tr>
<td style="text-align:center">-F</td>
<td style="text-align:left">清空规则链</td>
</tr>
<tr>
<td style="text-align:center">-L</td>
<td style="text-align:left">查看规则链</td>
</tr>
<tr>
<td style="text-align:center">-A</td>
<td style="text-align:left">在规则链的末尾加入新规则</td>
</tr>
<tr>
<td style="text-align:center">-I</td>
<td style="text-align:left">num 在规则链的头部加入新规则</td>
</tr>
<tr>
<td style="text-align:center">-D</td>
<td style="text-align:left">num 删除某一条规则</td>
</tr>
<tr>
<td style="text-align:center">-s</td>
<td style="text-align:left">匹配来源地址IP/MASK，加叹号”!”表示除这个IP外。</td>
</tr>
<tr>
<td style="text-align:center">-d</td>
<td style="text-align:left">匹配目标地址</td>
</tr>
<tr>
<td style="text-align:center">-i</td>
<td style="text-align:left">网卡名称 匹配从这块网卡流入的数据</td>
</tr>
<tr>
<td style="text-align:center">-o</td>
<td style="text-align:left">网卡名称 匹配从这块网卡流出的数据</td>
</tr>
<tr>
<td style="text-align:center">-p</td>
<td style="text-align:left">匹配协议,如tcp,udp,icmp</td>
</tr>
<tr>
<td style="text-align:center">–dport num</td>
<td style="text-align:left">匹配目标端口号</td>
</tr>
<tr>
<td style="text-align:center">–sport num</td>
<td style="text-align:left">匹配来源端口号</td>
</tr>
</tbody>
</table>
<p><strong>命令选项输入顺序</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">iptables -t 表名 &lt;-A/I/D/R&gt; 规则链名 [规则号] &lt;-i/o 网卡名&gt; -p 协议名 &lt;-s 源IP/源子网&gt; --sport 源端口 &lt;-d 目标IP/目标子网&gt; --dport 目标端口 -j 动作</span><br></pre></td></tr></table></figure>
<p><strong>工作机制</strong></p>
<p>规则链名包括(也被称为五个钩子函数（hook functions）)：</p>
<ul>
<li><strong>INPUT链</strong> ：处理输入数据包。</li>
<li><strong>OUTPUT链</strong> ：处理输出数据包。</li>
<li><strong>FORWARD链</strong> ：处理转发数据包。</li>
<li><strong>PREROUTING链</strong> ：用于目标地址转换（DNAT），内到外。</li>
<li><strong>POSTOUTING链</strong> ：用于源地址转换（SNAT），外到内。</li>
</ul>
<p><strong>防火墙策略</strong></p>
<p>防火墙策略一般分为两种，一种叫<code>通</code>策略，一种叫<code>堵</code>策略，通策略，默认门是关着的，必须要定义谁能进。堵策略则是，大门是洞开的，但是你必须有身份认证，否则不能进。所以我们要定义，让进来的进来，让出去的出去，<code>所以通，是要全通，而堵，则是要选择</code>。当我们定义的策略的时候，要分别定义多条功能，其中：定义数据包中允许或者不允许的策略，filter过滤的功能，而定义地址转换的功能的则是nat选项。为了让这些功能交替工作，我们制定出了“表”这个定义，来定义、区分各种不同的工作功能和处理方式。</p>
<p>现在用的比较多个功能有3个：</p>
<ol>
<li>filter 定义允许或者不允许的，只能做在3个链上：INPUT ，FORWARD ，OUTPUT</li>
<li>nat 定义地址转换的，也只能做在3个链上：PREROUTING ，OUTPUT ，POSTROUTING</li>
<li>mangle功能:修改报文原数据，是5个链都可以做：PREROUTING，INPUT，FORWARD，OUTPUT，POSTROUTING</li>
</ol>
<p>我们修改报文原数据就是来修改TTL的。能够实现将数据包的元数据拆开，在里面做标记/修改内容的。而防火墙标记，其实就是靠mangle来实现的。</p>
<p><strong>表名包括</strong>：</p>
<ul>
<li><strong>raw</strong> ：RAW表只使用在PREROUTING链和OUTPUT链上,因为优先级最高，从而可以对收到的数据包在连接跟踪前进行处理。一但用户使用了RAW表,在某个链上,RAW表处理完后,将跳过NAT表和ip_conntrack处理,即不再做地址转换和数据包的链接跟踪处理了.</li>
<li><strong>mangle</strong> ：拥有prerouting、FORWARD、postrouting三个规则链，除了进行网址转译工作会改写封包外，在某些特殊应用可能也必须去改写封包(ITL、TOS)或者是设定MARK(将封包作记号，以进行后续的过滤)这时就必须将这些工作定义在mangles规则表中</li>
<li><strong>nat</strong> ：拥有prerouting和postrouting两个规则链， 主要功能为进行一对一、一对多、多对多等网址转译工作（SNATDNAT）用于网关路由器。</li>
<li><strong>filter</strong> ：预设规则表，拥有 INPUT、FORWARD 和 OUTPUT 三个规则链，这个规则表顾名思义是用来进行封包过滤的理动作</li>
</ul>
<p>4个表的优先级由高到低：raw–&gt;mangle–&gt;nat–&gt;filter</p>
<p><strong>动作包括</strong>：</p>
<ul>
<li><p><strong>ACCEPT</strong> ：接收数据包。</p>
</li>
<li><p><strong>DROP</strong> ：丢弃数据包。</p>
</li>
<li><p><strong>REDIRECT</strong> ：重定向、映射、透明代理。</p>
</li>
<li><p><strong>SNAT</strong> ：源地址转换。</p>
</li>
<li><p><strong>DNAT</strong> ：目标地址转换。</p>
</li>
<li><p><strong>MASQUERADE</strong> ：IP伪装（NAT），用于ADSL。</p>
</li>
<li><p><strong>LOG</strong> ：日志记录。</p>
</li>
<li><p><strong>SEMARK</strong> : 添加SEMARK标记以供网域内强制访问控制（MAC）</p>
<p><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/3/37/Netfilter-packet-flow.svg/2880px-Netfilter-packet-flow.svg.png" alt="iptables"></p>
</li>
</ul>
<h4 id="实例"><a href="#实例" class="headerlink" title="实例"></a>实例</h4><p><strong>清空当前的所有规则和计数</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">iptables -F  # 清空所有的防火墙规则</span><br><span class="line">iptables -X  # 删除用户自定义的空链</span><br><span class="line">iptables -Z  # 清空计数</span><br></pre></td></tr></table></figure>
<p><strong>配置允许ssh端口连接</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 22 -j ACCEPT</span><br><span class="line"><span class="meta">#</span><span class="bash"> 22为你的ssh端口， -s 192.168.1.0/24表示允许这个网段的机器来连接，其它网段的ip地址是登陆不了你的机器的。 -j ACCEPT表示接受这样的请求</span></span><br></pre></td></tr></table></figure>
<p><strong>允许本地回环地址可以正常使用</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">iptables -A INPUT -i lo -j ACCEPT</span><br><span class="line"><span class="meta">#</span><span class="bash">本地圆环地址就是那个127.0.0.1，是本机上使用的,它进与出都设置为允许</span></span><br><span class="line">iptables -A OUTPUT -o lo -j ACCEPT</span><br></pre></td></tr></table></figure>
<p><strong>设置默认的规则</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">iptables -P INPUT DROP <span class="comment"># 配置默认的不让进</span></span><br><span class="line">iptables -P FORWARD DROP <span class="comment"># 默认的不允许转发</span></span><br><span class="line">iptables -P OUTPUT ACCEPT <span class="comment"># 默认的可以出去</span></span><br></pre></td></tr></table></figure>
<p><strong>配置白名单</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">iptables -A INPUT -p all -s 192.168.1.0/24 -j ACCEPT  <span class="comment"># 允许机房内网机器可以访问</span></span><br><span class="line">iptables -A INPUT -p all -s 192.168.140.0/24 -j ACCEPT  <span class="comment"># 允许机房内网机器可以访问</span></span><br><span class="line">iptables -A INPUT -p tcp -s 183.121.3.7 --dport 3380 -j ACCEPT <span class="comment"># 允许183.121.3.7访问本机的3380端口</span></span><br></pre></td></tr></table></figure>
<p><strong>开启相应的服务端口</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">iptables -A INPUT -p tcp --dport 80 -j ACCEPT <span class="comment"># 开启80端口，因为web对外都是这个端口</span></span><br><span class="line">iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT <span class="comment"># 允许被ping</span></span><br><span class="line">iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT <span class="comment"># 已经建立的连接得让它进来</span></span><br></pre></td></tr></table></figure>
<p><strong>保存规则到配置文件中</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 任何改动之前先备份，请保持这一优秀的习惯</span></span><br><span class="line">cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak </span><br><span class="line"></span><br><span class="line">iptables-save &gt; /etc/sysconfig/iptables</span><br><span class="line">cat /etc/sysconfig/iptables</span><br></pre></td></tr></table></figure>
<p><strong>列出已设置的规则</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line">iptables -L -t nat                  <span class="comment"># 列出 nat 上面的所有规则</span></span><br><span class="line"><span class="comment">#            ^ -t 参数指定，必须是 raw， nat，filter，mangle 中的一个</span></span><br><span class="line">iptables -L -t nat  --line-numbers  <span class="comment"># 规则带编号</span></span><br><span class="line">iptables -L INPUT</span><br><span class="line"></span><br><span class="line">iptables -L -nv  <span class="comment"># 查看，这个列表看起来更详细</span></span><br><span class="line"></span><br><span class="line">-n：以数字的方式显示ip，它会将ip直接显示出来，如果不加-n，则会将ip反向解析成主机名。</span><br><span class="line">-v：显示详细信息</span><br><span class="line">-vv</span><br><span class="line">-vvv :越多越详细</span><br><span class="line">-x：在计数器上显示精确值，不做单位换算</span><br><span class="line">--line-numbers : 显示规则的行号</span><br><span class="line">-t nat：显示所有的关卡的信息</span><br></pre></td></tr></table></figure>
<p><strong>删除已添加的规则</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 添加一条规则</span></span><br><span class="line">iptables -A INPUT -s 192.168.1.5 -j DROP</span><br><span class="line"><span class="comment"># 将所有iptables以序号标记显示</span></span><br><span class="line">iptables -L -n --line-numbers</span><br><span class="line"><span class="comment"># 删除INPUT里序号为8的规则</span></span><br><span class="line">iptables -D INPUT 8</span><br></pre></td></tr></table></figure>
<p><strong>开放指定的端口</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT     <span class="comment">#允许本地回环接口(即运行本机访问本机)</span></span><br><span class="line">iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT  <span class="comment">#允许已建立的或相关连的通行</span></span><br><span class="line">iptables -A OUTPUT -j ACCEPT         <span class="comment">#允许所有本机向外的访问</span></span><br><span class="line">iptables -A INPUT -p tcp --dport 22 -j ACCEPT    <span class="comment">#允许访问22端口</span></span><br><span class="line">iptables -A INPUT -p tcp --dport 80 -j ACCEPT    <span class="comment">#允许访问80端口</span></span><br><span class="line">iptables -A INPUT -j reject       <span class="comment">#禁止其他未允许的规则访问</span></span><br><span class="line">iptables -A FORWARD -j REJECT     <span class="comment">#禁止其他未允许的规则访问</span></span><br></pre></td></tr></table></figure>
<p><strong>屏蔽IP</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">iptables -A INPUT -p tcp -m tcp -s 192.168.0.8 -j DROP  <span class="comment"># 屏蔽恶意主机（比如，192.168.0.8</span></span><br><span class="line">iptables -I INPUT -s 123.45.6.7 -j DROP       <span class="comment">#屏蔽单个IP的命令</span></span><br><span class="line">iptables -I INPUT -s 123.0.0.0/8 -j DROP      <span class="comment">#封整个段即从123.0.0.1到123.255.255.254</span></span><br></pre></td></tr></table></figure>
<p><strong>指定数据包出去的网络接口</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 只对 OUTPUT，FORWARD，POSTROUTING 三个链起作用</span></span><br><span class="line">iptables -A FORWARD -o eth0</span><br></pre></td></tr></table></figure>
<p><strong>端口映射</strong></p>
<figure class="highlight sh"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 本机的 2222 端口映射到内网 虚拟机的22 端口</span></span><br><span class="line">iptables -t nat -A PREROUTING -d 210.14.67.127 -p tcp --dport 2222  -j DNAT --to-dest 192.168.188.115:22</span><br></pre></td></tr></table></figure>
<h3 id="firewalld"><a href="#firewalld" class="headerlink" title="firewalld"></a>firewalld</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 安装firewalld</span></span><br><span class="line">yum install firewalld firewall-config</span><br><span class="line"></span><br><span class="line">systemctl start  firewalld <span class="comment"># 启动</span></span><br><span class="line">systemctl stop firewalld  <span class="comment"># 停止</span></span><br><span class="line">systemctl <span class="built_in">enable</span> firewalld <span class="comment"># 启用自动启动</span></span><br><span class="line">systemctl <span class="built_in">disable</span> firewalld <span class="comment"># 禁用自动启动</span></span><br><span class="line">systemctl status firewalld <span class="comment"># 或者 firewall-cmd --state 查看状态</span></span><br></pre></td></tr></table></figure>
<p>配置</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br></pre></td><td class="code"><pre><span class="line">firewall-cmd --version  <span class="comment"># 查看版本</span></span><br><span class="line">firewall-cmd --<span class="built_in">help</span>     <span class="comment"># 查看帮助</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看设置：</span></span><br><span class="line">firewall-cmd --state  <span class="comment"># 显示状态</span></span><br><span class="line">firewall-cmd --get-active-zones  <span class="comment"># 查看区域信息</span></span><br><span class="line">firewall-cmd --get-zone-of-interface=eth0  <span class="comment"># 查看指定接口所属区域</span></span><br><span class="line">firewall-cmd --panic-on  <span class="comment"># 拒绝所有包</span></span><br><span class="line">firewall-cmd --panic-off  <span class="comment"># 取消拒绝状态</span></span><br><span class="line">firewall-cmd --query-panic  <span class="comment"># 查看是否拒绝</span></span><br><span class="line"></span><br><span class="line">firewall-cmd --reload <span class="comment"># 更新防火墙规则</span></span><br><span class="line">firewall-cmd --complete-reload</span><br><span class="line"><span class="comment"># 两者的区别就是第一个无需断开连接，就是firewalld特性之一动态添加规则，第二个需要断开连接，类似重启服务</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 将接口添加到区域，默认接口都在public	永久生效再加上 --permanent 然后reload防火墙</span></span><br><span class="line">firewall-cmd --zone=public --add-interface=eth0</span><br><span class="line">firewall-cmd --<span class="built_in">set</span>-default-zone=public<span class="comment"># 设置默认接口区域，立即生效无需重启</span></span><br><span class="line"></span><br><span class="line">firewall-cmd --zone=dmz --list-ports	<span class="comment"># 查看所有打开的端口</span></span><br><span class="line"></span><br><span class="line">firewall-cmd --zone=dmz --add-port=8080/tcp		<span class="comment"># 加入一个端口到区域：</span></span><br><span class="line"><span class="comment"># 若要永久生效方法同上</span></span><br><span class="line"> </span><br><span class="line"><span class="comment"># 打开一个服务，类似于将端口可视化，服务需要在配置文件中添加，/etc/firewalld 目录下有services文件夹，这个不详细说了，详情参考文档</span></span><br><span class="line">firewall-cmd --zone=work --add-service=smtp</span><br><span class="line"> </span><br><span class="line"><span class="comment"># 移除服务</span></span><br><span class="line">firewall-cmd --zone=work --remove-service=smtp</span><br><span class="line"></span><br><span class="line">firewall-cmd --get-zones		<span class="comment"># 显示支持的区域列表</span></span><br><span class="line">firewall-cmd --<span class="built_in">set</span>-default-zone=home		<span class="comment"># 设置为家庭区域</span></span><br><span class="line">firewall-cmd --get-active-zones		<span class="comment"># 查看当前区域</span></span><br><span class="line">firewall-cmd --get-zone-of-interface=enp03s		<span class="comment"># 设置当前区域的接口</span></span><br><span class="line">firewall-cmd --zone=public --list-all			<span class="comment"># 显示所有公共区域（public）</span></span><br><span class="line">firewall-cmd --zone=internal --change-interface=enp03s	<span class="comment"># 临时修改网络接口（enp0s3）为内部区域（internal）</span></span><br><span class="line">firewall-cmd --permanent --zone=internal --change-interface=enp03s	<span class="comment"># 永久修改网络接口enp03s为内部区域（internal）</span></span><br></pre></td></tr></table></figure>
<p>服务管理</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 显示服务列表  </span></span><br><span class="line"><span class="comment"># Amanda, FTP, Samba和TFTP等最重要的服务已经被FirewallD提供相应的服务，可以使用如下命令查看：</span></span><br><span class="line"></span><br><span class="line">firewall-cmd --get-services</span><br><span class="line">firewall-cmd --new-service=ssh		<span class="comment"># 允许SSH服务通过</span></span><br><span class="line">firewall-cmd --delete-service=ssh	<span class="comment"># 禁止SSH服务通过</span></span><br><span class="line">firewall-cmd --<span class="built_in">enable</span> ports=8080/tcp	<span class="comment"># 打开TCP的8080端口</span></span><br><span class="line">firewall-cmd --<span class="built_in">enable</span> service=samba --timeout=600	<span class="comment"># 临时允许Samba服务通过600秒</span></span><br><span class="line">firewall-cmd --list-services	<span class="comment"># 显示当前服务</span></span><br><span class="line">firewall-cmd --permanent --zone=internal --add-service=http		<span class="comment"># 添加HTTP服务到内部区域（internal）</span></span><br><span class="line">firewall-cmd --reload     <span class="comment"># 在不改变状态的条件下重新加载防火墙</span></span><br></pre></td></tr></table></figure>
<p>端口管理</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line">firewall-cmd --add-port=443/tcp	<span class="comment"># 打开443/TCP端口</span></span><br><span class="line">firewall-cmd --permanent --add-port=3690/tcp	<span class="comment"># 永久打开3690/TCP端口</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 永久打开端口好像需要reload一下，临时打开好像不用，如果用了reload临时打开的端口就失效了</span></span><br><span class="line"><span class="comment"># 其它服务也可能是这样的，这个没有测试</span></span><br><span class="line">firewall-cmd --reload</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看防火墙，添加的端口也可以看到</span></span><br><span class="line">firewall-cmd --list-all</span><br></pre></td></tr></table></figure>
<h3 id="ping-测试网络通断与延迟"><a href="#ping-测试网络通断与延迟" class="headerlink" title="ping 测试网络通断与延迟"></a>ping 测试网络通断与延迟</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">ping www.baidu.com</span><br><span class="line">ping -c 10 192.168.1.101    <span class="comment"># 指定次数</span></span><br><span class="line">ping -c 10 -i 0.5 192.168.1.101     <span class="comment"># 指定次数和间隔(秒)</span></span><br><span class="line">ping -i 3 -s 1024 -t 255 192.168.1.101  <span class="comment"># -s 发送包大小为1024字节 -t TTL为255</span></span><br></pre></td></tr></table></figure>
<h3 id="tcpping"><a href="#tcpping" class="headerlink" title="tcpping"></a>tcpping</h3><p>ping命令是基于ICMP协议, 遇到某些主机会禁用ICMP协议导致Ping命令失效, 这时可以使用基于tcp协议的工具, 比如: tcpping, tcping, psping, hping, paping等</p>
<p>tcpping安装步骤如下:</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 1. tcpping 脚本依赖 tcptraceroute 组件, 所以必须先安装 tcptraceroute</span></span><br><span class="line">yum install -y tcptraceroute</span><br><span class="line"><span class="comment"># 2. 下载tcpping文件</span></span><br><span class="line">wget http://www.vdberg.org/~richard/tcpping</span><br><span class="line"><span class="comment"># 3. 将 tcpping 文件移动到 /usr/bin 下并授权</span></span><br><span class="line">mv tcpping /usr/bin/</span><br><span class="line"><span class="built_in">cd</span> /usr/bin</span><br><span class="line">chmod 755 tcpping</span><br><span class="line"><span class="comment"># 4. -d:打印时间戳  -c:结果输出在一列  -C:调整输出格式  -r n:输出间隔为n秒(默认1) -x n:重复n次</span></span><br><span class="line">tcpping www.baidu.com</span><br></pre></td></tr></table></figure>
<p>hping是一个命令行下使用的 TCP/IP 数据包组装/分析工具, 它不仅能发送 ICMP 回应请求, 它还可以支持 TCP、UDP、ICMP 和 RAW-IP 协议</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 安装</span></span><br><span class="line">yum install hping3</span><br><span class="line"><span class="comment"># 发送</span></span><br><span class="line">hping3 -S -p 80 -c 3 www.baidu.com</span><br></pre></td></tr></table></figure>
<h3 id="ifconfig-网络管理"><a href="#ifconfig-网络管理" class="headerlink" title="ifconfig  网络管理"></a>ifconfig  网络管理</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 显示网络设备信息(激活状态的)</span></span><br><span class="line">ifconfig</span><br><span class="line"><span class="comment"># 全部网络接口</span></span><br><span class="line">ifconfig -a</span><br><span class="line"></span><br><span class="line"><span class="comment"># 启动关闭指定网卡</span></span><br><span class="line">ifconfig eth0 up</span><br><span class="line">ifconfig eth0 down</span><br><span class="line"></span><br><span class="line"><span class="comment"># 配置IP地址</span></span><br><span class="line">ifconfig eth0 192.168.1.110    </span><br><span class="line">ifconfig eth0 192.168.1.100 netmask 255.255.255.0</span><br><span class="line">ifconfig eth0 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255</span><br><span class="line"></span><br><span class="line"><span class="comment"># 修改MAC地址</span></span><br><span class="line">ifconfig eth0 hw ether 00:AA:BB:CC:dd:EE</span><br><span class="line"></span><br><span class="line"><span class="comment"># 设置网卡最大传输单元MTU</span></span><br><span class="line">ifconfig eth0 mtu 1500</span><br></pre></td></tr></table></figure>
<h3 id="nmcli-网络管理"><a href="#nmcli-网络管理" class="headerlink" title="nmcli 网络管理"></a>nmcli 网络管理</h3><p>安装命令:<code>yum install -y NetworkManager</code>, centos默认已安装</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 网络设备列表及其状态</span></span><br><span class="line">$ nmcli device</span><br><span class="line">DEVICE     TYPE      STATE   CONNECTION</span><br><span class="line">enp95s0f0  ethernet  连接的  enp95s0f0</span><br><span class="line">docker0    bridge    连接的  docker0</span><br><span class="line">eno1       ethernet  不可用  --</span><br><span class="line">eno2       ethernet  不可用  --</span><br><span class="line"></span><br><span class="line"><span class="comment"># 显示所有链接</span></span><br><span class="line">$ nmcli connection show</span><br><span class="line">NAME       UUID                                  TYPE      DEVICE</span><br><span class="line">docker0    4b08510f-a715-46d9-bd22-2fd6bd7c9508  bridge    docker0</span><br><span class="line">enp95s0f0  de3c137d-dc87-4478-8377-856c1c9ad578  ethernet  enp95s0f0</span><br><span class="line">eno1       57c4e4ed-9b47-4ddd-b75b-8bc407b9825b  ethernet  --</span><br><span class="line">eno2       964cbe81-2ba9-424c-acd1-8384eebc2e46  ethernet  --</span><br></pre></td></tr></table></figure>
<h3 id="IP-网络配置"><a href="#IP-网络配置" class="headerlink" title="IP 网络配置"></a>IP 网络配置</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 显示网络接口信息</span></span><br><span class="line">ip link show</span><br><span class="line"><span class="comment"># 显示更加详细的设备信息 可以看到各接口数据统计</span></span><br><span class="line">ip -s link list</span><br><span class="line"></span><br><span class="line"><span class="comment"># 开启/关闭网卡</span></span><br><span class="line">ip link <span class="built_in">set</span> eth0 up</span><br><span class="line">ip link <span class="built_in">set</span> eth0 down</span><br><span class="line"></span><br><span class="line"><span class="comment"># 设置网卡队列长度</span></span><br><span class="line">ip link <span class="built_in">set</span> eth0 txqueuelen 1200</span><br><span class="line"><span class="comment"># 设置网卡最大传输单元MTU</span></span><br><span class="line">ip link <span class="built_in">set</span> eth0 mtu 1500</span><br><span class="line"></span><br><span class="line"><span class="comment"># 显示网卡信息</span></span><br><span class="line">ip a</span><br><span class="line">ip address show</span><br><span class="line">ip addr show</span><br><span class="line"></span><br><span class="line"><span class="comment"># 设置/删除网卡IP地址</span></span><br><span class="line">ip addr add 192.168.1.100/24 dev eth0</span><br><span class="line">ip addr del 192.168.1.100/24 dev eth0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 显示系统路由表条目</span></span><br><span class="line">ip route show</span><br><span class="line">ip route list</span><br><span class="line"><span class="comment"># 显示局域网内设备的MAC</span></span><br><span class="line">ip neigh list</span><br><span class="line"><span class="comment"># 设置默认路由</span></span><br><span class="line">ip route add default via 192.168.1.254</span><br><span class="line"><span class="comment"># 设置默认网关</span></span><br><span class="line">ip route add default via 192.168.0.254 dev eth0</span><br><span class="line"><span class="comment"># 设置192.168.4.0网段的网关为192.168.0.254, 数据走eth0接口</span></span><br><span class="line">ip route add 192.168.4.0/24 via 192.168.0.254 dev eth0</span><br><span class="line"><span class="comment"># 删除192.168.4.0网段的网关</span></span><br><span class="line">ip route del 192.168.4.0/24</span><br><span class="line"><span class="comment"># 删除默认路由</span></span><br><span class="line">ip route del default</span><br><span class="line"><span class="comment"># 删除路由</span></span><br><span class="line">ip route delete 192.168.1.0/24 dev eth0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看ip地址路由包从哪里来</span></span><br><span class="line">ip route get 8.8.8.8</span><br><span class="line">8.8.8.8 via 192.168.64.1 dev eth0  src 192.168.64.6</span><br><span class="line">    cache</span><br></pre></td></tr></table></figure>
<h3 id="netstat"><a href="#netstat" class="headerlink" title="netstat"></a>netstat</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">netstat -natp | grep 3306    </span><br><span class="line">lsof -i :8080</span><br><span class="line"></span><br><span class="line"><span class="comment"># 各种tcp连接状态数量统计</span></span><br><span class="line">netstat -tna | awk <span class="string">'&#123;print $6&#125;'</span> | sort | uniq -c</span><br><span class="line"></span><br><span class="line">netstat -n| awk <span class="string">'/^tcp/ &#123;++S[$NF]&#125; END &#123;for(a in S) print a, S[a]&#125;'</span></span><br></pre></td></tr></table></figure>
<blockquote>
<ul>
<li>-a (all)显示所有选项，默认不显示 LISTEN 相关</li>
<li>-t (tcp)仅显示 tcp 相关选项</li>
<li>-u (udp)仅显示 udp 相关选项</li>
<li>-n 拒绝显示别名，能显示数字的全部转化成数字。</li>
<li>-l 仅列出有在 Listen (监听) 的服務状态</li>
<li>-p 显示建立相关链接的程序名</li>
<li>-r 显示路由信息，路由表</li>
<li>-e 显示扩展信息，例如 uid 等</li>
<li>-s 按各个协议进行统计</li>
<li>-c 每隔一个固定时间，执行该 netstat 命令。</li>
</ul>
</blockquote>
<p>我们常说的丢包有三种：</p>
<ul>
<li>一种是内核能够记录的，也就是协议栈上的丢包；</li>
<li>另一种是网卡能够记录的，就是网卡处理不过来丢包；</li>
<li>第三种就是传输过程中被丢弃的，也就是离开本机之后，未能到达目标主机的。</li>
</ul>
<p>不管哪种丢包，根据TCP协议的重传规则，我们都可以通过重传来估算系统的丢包情况：</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line">$ netstat -st | grep retrans</span><br><span class="line">    2500090 segments retransmited</span><br><span class="line">    725553 fast retransmits</span><br><span class="line">    1146287 forward retransmits</span><br><span class="line">    22308 retransmits <span class="keyword">in</span> slow start</span><br><span class="line">    6113 SACK retransmits failed</span><br><span class="line"></span><br><span class="line"><span class="comment"># 使用watch持续观察</span></span><br><span class="line">$ watch netstat -st</span><br></pre></td></tr></table></figure>
<p>查看全队列配置情况</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">$ netstat -st | grep SYN</span><br><span class="line"></span><br><span class="line">$ netstat -st | grep overflowed</span><br><span class="line">$ netstat -st | grep dropped</span><br></pre></td></tr></table></figure>
<p>如果<code>xx times the listen queue of a socket overflowed</code> 和 <code>xx SYNs to LISTEN sockets dropped</code>出现持续的增长, 说明服务器的全队列过小, 全队列发生溢出, 后续的请求就会被丢弃, 服务端出现请求数量上不去的现象.</p>
<p>查看所有端口的统计信息，<code>-st</code>/<code>-su</code>：统计TCP/UDP    </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ netstat -s</span><br></pre></td></tr></table></figure>
<p>通常我们可以通过查找 netstat -s 中 overrun、 collapse、pruned 等事件来观察，如果相关的统计项一直都在增长，那么说明应用的接收缓冲区需要调整了</p>
<h3 id="ss-网络"><a href="#ss-网络" class="headerlink" title="ss - 网络"></a>ss - 网络</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 显示所有TCP连接</span></span><br><span class="line">ss -nat</span><br><span class="line"></span><br><span class="line"><span class="comment"># socket摘要</span></span><br><span class="line">ss -s</span><br><span class="line"></span><br><span class="line"><span class="comment"># 显示正在监听的TCP连接</span></span><br><span class="line">ss -nlt</span><br><span class="line"><span class="comment"># Recv-Q: 当前全连接队列的大小, 即完成三次握手并等待进程调用accept()的TCP数量</span></span><br><span class="line"><span class="comment"># Send-Q: 当前TCP服务的最大全连接数</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 非监听状态的TCP连接</span></span><br><span class="line">ss -nt</span><br><span class="line"><span class="comment"># Recv-Q: 已收到但未被应用进程读取的字节数</span></span><br><span class="line"><span class="comment"># Send-Q: 已发送但未收到确认的字节数</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 统计各状态的TCP连接</span></span><br><span class="line">ss -nat | awk <span class="string">'&#123;print $1&#125;'</span> | sort | uniq -c | sort -m</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看某个状态的连接 established/time-wait/fin-wait-1/fin-wait-2/syn-recv</span></span><br><span class="line"><span class="comment"># syn-sent/listening/last-ack/closing/close-wait/closed</span></span><br><span class="line"><span class="comment"># all:上面的全部 connected: 除了list和closed  synchronized: connected中除了syn-sent</span></span><br><span class="line"><span class="comment"># bucket: maintained as minisockets,如：time-wait和syn-recv big: 和bucket相反.</span></span><br><span class="line">ss state time-wait</span><br><span class="line">ss -a state SYN-RECV</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看连接到端口的socket</span></span><br><span class="line">ss dst :3306</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看连接到目标ip(端口)的链接(tcp/udp)</span></span><br><span class="line">ss dst 192.168.1.5</span><br><span class="line">ss dst 192.168.1.5:3306</span><br><span class="line"><span class="comment"># 根据源ip查看连接</span></span><br><span class="line">ss src 192.168.1.230</span><br><span class="line"></span><br><span class="line"><span class="comment"># 根据端口</span></span><br><span class="line">ss dport = :3306   <span class="comment"># 连接到3306端口的</span></span><br><span class="line">ss sport = :http   <span class="comment"># 从80端发起连接的</span></span><br><span class="line"><span class="comment"># &lt;= or le    &gt;= or ge    == or eq    != or ne    &lt; or gt     &gt; or lt</span></span><br><span class="line">ss dport \&gt; :1024</span><br><span class="line">ss sport \&gt; :1024</span><br><span class="line">ss sport \&lt; :32000</span><br><span class="line">ss sport eq :22</span><br><span class="line">ss dport != :22</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列举出处于established状态的源端口为80或者443，目标网络为193.233.7/24所有tcp套接字</span></span><br><span class="line">ss -o state established <span class="string">'( sport = :http or sport = :https )'</span> dst 193.233.7/24</span><br><span class="line"></span><br><span class="line"><span class="comment"># 占用端口</span></span><br><span class="line">ss -ntp | grep 6379</span><br></pre></td></tr></table></figure>
<ul>
<li><code>-a</code> 显示所有套接字    <code>-l</code> 显示监听状态的套接字   <code>-s</code> 显示套接字使用概况</li>
<li><code>-t</code> 仅显示tcp连接,   <code>-u</code> 仅显示udp连接</li>
<li><code>-4</code> 仅显示IPv4套接字    <code>-6</code> 仅显示IPv6套接字</li>
<li><code>-p</code> 显示使用该套接字的进程信息, 会显示进程命令/进程id/文件描述符</li>
<li><code>-m</code> 显示套接字的内存使用情况</li>
<li><code>-e</code> 显示详细的套接字信息   <code>-i</code> 显示TCP内部信息  </li>
<li><code>-r</code> 解析主机名   <code>-n</code>不解析服务名称(不加的话不显示端口, 而是显示服务名)</li>
</ul>
<p><a href="https://www.cnblogs.com/xiaolincoding/p/12995358.html" target="_blank" rel="noopener">TCP 半连接队列和全连接队列满了会发生什么？又该如何应对？</a></p>
<h3 id="lsof-一切皆文件"><a href="#lsof-一切皆文件" class="headerlink" title="lsof 一切皆文件"></a>lsof 一切皆文件</h3><p>用于查看打开文件的进程, 进程打开了哪些文件, 端口等. 由于lsof命令需要访问核心内存和各种文件, 所以需要root用户执行.</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ lsof /iflytek/server/jdk1.8.0_71/bin/java</span><br><span class="line">COMMAND   PID USER  FD   TYPE DEVICE SIZE/OFF      NODE NAME</span><br><span class="line">java     5401 root txt    REG 253,17     7734 805307256 /iflytek/server/jdk1.8.0_71/bin/java</span><br></pre></td></tr></table></figure>
<p><code>COMMAND</code>  : 进程名称   <code>PID</code> : 进程id   <code>USER</code> :  进程所有者   <code>FD</code> : 文件描述符  <code>TYPE</code> : 文件类型  <code>DEVICE</code>:  磁盘名称  <code>SIZE</code> : 文件大小  <code>NODE</code> :  索引节点(文件在磁盘上的标识)  <code>NAME</code> : 被打开文件的确切名称</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 查询某个用户打开的文件</span></span><br><span class="line">lsof -u username</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出指定进程打开的文件</span></span><br><span class="line">lsof -p PID</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出打开文件的进程</span></span><br><span class="line">lsof FILENAME</span><br><span class="line"></span><br><span class="line"><span class="comment"># 显示打开80端口的进程</span></span><br><span class="line">lsof -i :80</span><br><span class="line"><span class="comment"># 所有TCP连接</span></span><br><span class="line">lsof -i tcp</span><br><span class="line"><span class="comment"># 列出所有IPv4连接</span></span><br><span class="line">lsof -i 4</span><br><span class="line"><span class="comment"># 连接到指定主机的连接</span></span><br><span class="line">lsof -i @172.31.47.13</span><br><span class="line"><span class="comment"># 连接到指定主机端口的连接</span></span><br><span class="line">lsof -i @172.31.47.13:8085</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出正在等待连接的端口</span></span><br><span class="line">lsof -i -sTCP:LISTEN</span><br><span class="line">lsof -i | grep LISTEN</span><br><span class="line"></span><br><span class="line"><span class="comment"># 杀死用户运行的所有进程</span></span><br><span class="line"><span class="built_in">kill</span> -9 `lsof -t -u daniel`</span><br><span class="line"></span><br><span class="line"><span class="comment"># 根据文件描述列出对应的文件信息</span></span><br><span class="line">lsof -d 5 | grep nginx</span><br><span class="line">COMMAND     PID           USER   FD      TYPE             DEVICE  SIZE/OFF      NODE NAME</span><br><span class="line">nginx      4072           root    5w      REG             253,17 141778115 808976418 /iflytek/server/nginx-1.10.2/logs/access.log</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出被指定进程号打开的所有IPv4网络文件</span></span><br><span class="line">lsof -i 4 -nap 20531</span><br><span class="line">java    20531 root   40u  IPv4 627722714      0t0  TCP 172.31.46.2:40646-&gt;172.31.46.2:mysql (ESTABLISHED)</span><br><span class="line">java    20531 root   41u  IPv4 627761916      0t0  TCP 172.31.46.2:9890-&gt;172.31.46.111:34202 (ESTABLISHED)</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看指定进程的所有 TCP 连接信息</span></span><br><span class="line">lsof -p 4721 -nP | grep TCP</span><br><span class="line">java    163379 root   14u     IPv6         2306092363       0t0        TCP *:8085 (LISTEN)</span><br><span class="line">java    163379 root   29u     IPv6         2306098266       0t0        TCP 172.31.96.175:8085-&gt;172.31.103.83:52600 (ESTABLISHED)</span><br><span class="line">java    163379 root   39u     IPv6         2306089478       0t0        TCP 172.31.96.175:8085-&gt;172.31.103.83:52610 (ESTABLISHED)</span><br><span class="line">java    163379 root  270u     IPv6         2306091217       0t0        TCP *:21162 (LISTEN)</span><br><span class="line">java    163379 root  272u     IPv6         2306089479       0t0        TCP 172.31.96.175:8085-&gt;172.31.103.83:52612 (ESTABLISHED)</span><br><span class="line">java    163379 root  273u     IPv6         2306101388       0t0        TCP 172.31.96.175:8085-&gt;172.31.103.83:52624 (ESTABLISHED)</span><br><span class="line">java    163379 root  274u     IPv6         2306077215       0t0        TCP 172.31.96.175:8085-&gt;172.31.103.83:52626 (ESTABLISHED)</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出指定主机上的指定端口相关的所有文件信息, 3秒刷新一次</span></span><br><span class="line">lsof -i @172.31.46.2:6379,3306 -r 3</span><br></pre></td></tr></table></figure>
<h3 id="sftp"><a href="#sftp" class="headerlink" title="sftp"></a>sftp</h3><p>连接命令格式:</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">sftp user_name@remote_server_address[:远程路径]</span><br><span class="line"><span class="comment"># 例</span></span><br><span class="line">sftp root@172.31.169.140:/usr/<span class="built_in">local</span></span><br><span class="line">sftp root@172.31.169.140</span><br></pre></td></tr></table></figure>
<p>其他参数:</p>
<ul>
<li><strong>-B</strong>: buffer size, 设置传输buffer大小, 默认为32768</li>
<li><strong>-p</strong>: 当服务器自定义了连接的端口号是, 使用<code>-p</code>指定端口号</li>
<li><strong>-R</strong>: 默认64, 提高该值贵略微提高传输速度, 但会消耗更多内存</li>
</ul>
<p><strong>连接后, 执行的bash命令, 默认是操作服务器的, 如果要操作本地环境, 则需要在命令前加上字符<code>l</code>.</strong> </p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">sftp&gt;</span><span class="bash"> <span class="built_in">pwd</span></span></span><br><span class="line">Remote working directory: /usr/local</span><br><span class="line"><span class="meta">sftp&gt;</span><span class="bash"> lpwd</span></span><br><span class="line">Local working directory: /Users/tonnyyi</span><br><span class="line"><span class="meta">sftp&gt;</span><span class="bash"> ls</span></span><br><span class="line">bin        boost      etc        games      include    lib        lib64      libexec    sbin       share      src</span><br><span class="line"><span class="meta">sftp&gt;</span><span class="bash"> lls</span></span><br><span class="line">Downloads			Pictures	Public		Applications	work		Library		workspace</span><br><span class="line">Desktop				Movies		Documents			Music</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 使用!可以直接运行shell命令</span></span><br><span class="line"><span class="meta">sftp&gt;</span><span class="bash"> !df -h</span></span><br></pre></td></tr></table></figure>
<h4 id="文件传输"><a href="#文件传输" class="headerlink" title="文件传输"></a>文件传输</h4><ul>
<li><p>从服务器拉取</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 如果不指定newName, 则下载的文件和服务器的文件同名</span></span><br><span class="line">sftp&gt; get remoteFile [newName]</span><br><span class="line"></span><br><span class="line"><span class="comment"># 拉取目录</span></span><br><span class="line">sftp&gt; get -r remoteDirectory</span><br></pre></td></tr></table></figure>
</li>
</ul>
<ul>
<li><p>从本地上传</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">sftp&gt; put localFile</span><br><span class="line"></span><br><span class="line"><span class="comment"># 上传目录, 如果服务器不存在该目录则需要先创建</span></span><br><span class="line">sftp&gt; mkdir folderName</span><br><span class="line">sftp&gt; put -r folderName</span><br></pre></td></tr></table></figure>
</li>
</ul>
<h3 id="ethtool-网卡信息查看"><a href="#ethtool-网卡信息查看" class="headerlink" title="ethtool 网卡信息查看"></a>ethtool 网卡信息查看</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br></pre></td><td class="code"><pre><span class="line">[root@jzcpx-no ~]<span class="comment"># ethtool enp95s0f0</span></span><br><span class="line">Settings <span class="keyword">for</span> enp95s0f0:</span><br><span class="line">	Supported ports: [ FIBRE ]</span><br><span class="line">	Supported link modes:   10000baseT/Full</span><br><span class="line">	Supported pause frame use: Symmetric</span><br><span class="line">	Supports auto-negotiation: No</span><br><span class="line">	Advertised link modes:  Not reported</span><br><span class="line">	Advertised pause frame use: No</span><br><span class="line">	Advertised auto-negotiation: No</span><br><span class="line">	Speed: 10000Mb/s</span><br><span class="line">	Duplex: Full</span><br><span class="line">	Port: Direct Attach Copper</span><br><span class="line">	PHYAD: 0</span><br><span class="line">	Transceiver: external</span><br><span class="line">	Auto-negotiation: off</span><br><span class="line">	Supports Wake-on: g</span><br><span class="line">	Wake-on: g</span><br><span class="line">	Current message level: 0x0000000f (15)</span><br><span class="line">			       drv probe link timer</span><br><span class="line">	Link detected: yes</span><br></pre></td></tr></table></figure>
<p><code>Speed: 10000Mb/s</code>  万兆网卡,  最大1.22GB/s</p>
<h3 id="nslookup-查询DNS记录"><a href="#nslookup-查询DNS记录" class="headerlink" title="nslookup 查询DNS记录"></a>nslookup 查询DNS记录</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">$ nslookup www.baidu.com</span><br><span class="line">Server:		100.100.2.136</span><br><span class="line">Address:	100.100.2.136<span class="comment">#53</span></span><br><span class="line"></span><br><span class="line">Non-authoritative answer:</span><br><span class="line">www.baidu.com	canonical name = www.a.shifen.com.</span><br><span class="line">Name:	www.a.shifen.com</span><br><span class="line">Address: 180.101.49.11</span><br><span class="line">Name:	www.a.shifen.com</span><br><span class="line">Address: 180.101.49.12</span><br></pre></td></tr></table></figure>
<h3 id="dig-查询DNS解析过程"><a href="#dig-查询DNS解析过程" class="headerlink" title="dig 查询DNS解析过程"></a>dig 查询DNS解析过程</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br></pre></td><td class="code"><pre><span class="line">$ dig baidu.com</span><br><span class="line"></span><br><span class="line">; &lt;&lt;&gt;&gt; DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 &lt;&lt;&gt;&gt; baidu.com</span><br><span class="line">;; global options: +cmd</span><br><span class="line">;; Got answer:</span><br><span class="line">;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 43573</span><br><span class="line">;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0</span><br><span class="line"></span><br><span class="line">;; QUESTION SECTION:</span><br><span class="line">;baidu.com.			IN	A</span><br><span class="line"></span><br><span class="line">;; ANSWER SECTION:</span><br><span class="line">baidu.com.		549	IN	A	39.156.69.79</span><br><span class="line">baidu.com.		549	IN	A	220.181.38.148</span><br><span class="line"></span><br><span class="line">;; Query time: 0 msec</span><br><span class="line">;; SERVER: 100.100.2.136<span class="comment">#53(100.100.2.136)</span></span><br><span class="line">;; WHEN: 二 9月 29 18:37:00 CST 2020</span><br><span class="line">;; MSG SIZE  rcvd: 59</span><br></pre></td></tr></table></figure>
<h3 id="tcpdump-抓包"><a href="#tcpdump-抓包" class="headerlink" title="tcpdump 抓包"></a>tcpdump 抓包</h3><p><img src="https://tonnyblog.oss-cn-beijing.aliyuncs.com/img/20210806174355.jpeg" alt="技术分享"></p>
<p>抓取经过eth0接口请求8080端口的tcp请求</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">tcpdump tcp -i eth0 -s 0 -nn -vvv and port 8080 -w tcpdump.cap</span><br><span class="line"></span><br><span class="line"><span class="comment"># 使用wireshark实时分析</span></span><br><span class="line">ssh root@172.31.47.13 tcpdump -i enp95s0f0 tcp -s 0 -nn -w - <span class="string">'port 8085'</span> | /Applications/Wireshark.app/Contents/MacOS/Wireshark -k -i -</span><br></pre></td></tr></table></figure>
<ul>
<li>类型: <code>host</code> <code>net</code> <code>port</code>  </li>
<li>方向: <code>src</code> <code>dst</code> <code>src or dst</code> <code>src and dst</code></li>
<li>协议：<code>ip</code> <code>tcp</code> <code>udp</code> <code>arp</code> <code>icmp</code>….</li>
</ul>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 实时查看</span></span><br><span class="line">tcpdump -i eno1 tcp -s 0 -S -nn -tttt and port 8080</span><br><span class="line"></span><br><span class="line">tcpdump -i eno1 -Alnvs0 -w /tmp/tcpdump.pcap</span><br><span class="line"></span><br><span class="line">tcpdump tcp -i eth0 -t -s 0 -c 100 -n and dst port ! 22 and src net 192.168.1.0/24 -w tcpdump.pcap</span><br></pre></td></tr></table></figure>
<ul>
<li><code>tcp</code> : tcp udp ip ip6 icmp arp等这些选项都要放到第一个参数的位置，用来过滤数据报的类型</li>
<li><code>-i eth0</code>：只抓取接口eth0的包</li>
<li><strong><code>-s 0</code></strong>：默认只抓取68字节，加上<code>-s 0</code>后可以抓取完整的数据包</li>
<li><code>-c 100</code>：只抓取100个数据包</li>
<li><code>dst port ! 22</code>：不抓取目标端口是22的数据包</li>
<li><code>src net 192.168.1.0/24</code>：数据包的源网络地址为192.168.1.0/24</li>
<li><code>-w tcpdump.pcap</code>：抓取结果写入文件</li>
<li><strong><code>-X</code></strong>：以16进制和ASCII码显示包数据，<strong>现场分析数据包内容必备</strong></li>
<li><code>-e</code>: 显示数据链路层信息, <strong>显示mac地址</strong>已经vlan信息</li>
<li><code>-p</code>: 不进入混杂模式, 屏蔽交换机在混杂模式下的噪声, 只接受给自己的数据, 不能与host或broadcast一起使用</li>
</ul>
<h5 id="常见的-TCP-报文的-Flags"><a href="#常见的-TCP-报文的-Flags" class="headerlink" title="常见的 TCP 报文的 Flags:"></a>常见的 TCP 报文的 Flags:</h5><ul>
<li><code>[S]</code> : SYN（开始连接）</li>
<li><code>[.]</code> : 没有 Flag</li>
<li><code>[P]</code> : PSH（推送数据）</li>
<li><code>[F]</code> : FIN （结束连接）</li>
<li><code>[R]</code> : RST（重置连接）</li>
</ul>
<h5 id="设置不解析域名提示速度"><a href="#设置不解析域名提示速度" class="headerlink" title="设置不解析域名提示速度"></a>设置不解析域名提示速度</h5><ul>
<li><code>-n</code>：将IP以数字形式显示，否则显示为主机名</li>
<li><strong><code>-nn</code></strong>：除了有<code>-n</code>的作用，还把端口显示为数值，否则显示为端口服务名</li>
<li><code>-N</code>：不打印host的域名部分</li>
</ul>
<h5 id="控制详细内容的输出"><a href="#控制详细内容的输出" class="headerlink" title="控制详细内容的输出"></a>控制详细内容的输出</h5><ul>
<li><code>-v</code>：产生详细的输出. 比如包的TTL，id标识，数据包长度，以及IP包的一些选项。同时它还会打开一些附加的包完整性检测，比如对IP或ICMP包头部的校验和。</li>
<li><code>-vv</code>：产生比-v更详细的输出. 比如NFS回应包中的附加域将会被打印, SMB数据包也会被完全解码。（摘自网络，目前我还未使用过）</li>
<li><code>-vvv</code>：产生比-vv更详细的输出。比如 telent 时所使用的SB, SE 选项将会被打印, 如果telnet同时使用的是图形界面，其相应的图形选项将会以16进制的方式打印出来（摘自网络，目前我还未使用过）</li>
</ul>
<h5 id="控制时间的显示"><a href="#控制时间的显示" class="headerlink" title="控制时间的显示"></a>控制时间的显示</h5><ul>
<li><code>-t</code>：在每行的输出中不输出时间</li>
<li><code>-tt</code>：在每行的输出中会输出时间戳(相对1970-01-01)</li>
<li><code>-ttt</code>：输出每两行的时间间隔(以毫秒为单位)</li>
<li><code>-tttt</code>：在每行的时间戳之前添加日期（此种选项，输出的时间最直观）</li>
</ul>
<h5 id="显示数据包的头部"><a href="#显示数据包的头部" class="headerlink" title="显示数据包的头部"></a>显示数据包的头部</h5><ul>
<li><code>-x</code>：以16进制的形式打印每个包的头部数据（但不包括数据链路层的头部）</li>
<li><code>-xx</code>：以16进制的形式打印每个包的头部数据（包括数据链路层的头部）</li>
<li><code>-X</code>：以16进制和 ASCII码形式打印出每个包的数据(但不包括连接层的头部)，这在分析一些新协议的数据包很方便。</li>
<li><code>-XX</code>：以16进制和 ASCII码形式打印出每个包的数据(包括连接层的头部)，这在分析一些新协议的数据包很方便。</li>
</ul>
<h5 id="对输出内容进行控制的参数"><a href="#对输出内容进行控制的参数" class="headerlink" title="对输出内容进行控制的参数"></a>对输出内容进行控制的参数</h5><ul>
<li><code>-D</code> : 显示所有可用网络接口的列表</li>
<li><code>-e</code> : 每行的打印输出中将包括数据包的数据链路层头部信息</li>
<li><code>-E</code> : 揭秘IPSEC数据</li>
<li><code>-L</code> ：列出指定网络接口所支持的数据链路层的类型后退出</li>
<li><code>-Z</code>：后接用户名，在抓包时会受到权限的限制。如果以root用户启动tcpdump，tcpdump将会有超级用户权限。</li>
<li><code>-d</code>：打印出易读的包匹配码</li>
<li><code>-dd</code>：以C语言的形式打印出包匹配码.</li>
<li><code>-ddd</code>：以十进制数的形式打印出包匹配码</li>
</ul>
<h5 id="过滤特定流向的数据包"><a href="#过滤特定流向的数据包" class="headerlink" title="过滤特定流向的数据包"></a>过滤特定流向的数据包</h5><ul>
<li><code>-Q</code>： 选择是入方向还是出方向的数据包，可选项有：in, out, inout，也可以使用 –direction=[direction] 这种写法</li>
</ul>
<h5 id="其他参数"><a href="#其他参数" class="headerlink" title="其他参数"></a>其他参数</h5><ul>
<li><code>-A</code>：以ASCII码方式显示每一个数据包(不显示链路层头部信息). 在抓取包含网页数据的数据包时, 可方便查看数据</li>
<li><code>-l</code> : 基于行的输出，便于你保存查看，或者交给其它工具分析</li>
<li><code>-q</code> : 简洁地打印输出。即打印很少的协议相关信息, 从而输出行都比较简短.</li>
<li><code>-c</code> : 捕获 count 个包 tcpdump 就退出</li>
<li><code>-s</code> :  tcpdump 默认只会截取前 <code>96</code> 字节的内容，要想截取所有的报文内容，可以使用 <code>-s number</code>， <code>number</code> 就是你要截取的报文字节数，如果是 0 的话，表示截取报文全部内容。</li>
<li><code>-S</code> : 使用绝对序列号，而不是相对序列号</li>
<li><code>-C</code>：file-size，tcpdump 在把原始数据包直接保存到文件中之前, 检查此文件大小是否超过file-size. 如果超过了, 将关闭此文件,另创一个文件继续用于原始数据包的记录. 新创建的文件名与-w 选项指定的文件名一致, 但文件名后多了一个数字.该数字会从1开始随着新创建文件的增多而增加. file-size的单位是百万字节(nt: 这里指1,000,000个字节,并非1,048,576个字节, 后者是以1024字节为1k, 1024k字节为1M计算所得, 即1M=1024 ＊ 1024 ＝ 1,048,576)</li>
<li><code>-F</code>：使用file 文件作为过滤条件表达式的输入, 此时命令行上的输入将被</li>
</ul>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 监听特定网卡</span></span><br><span class="line">tcpdump -i eth0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 监听特定主机  监听与172.31.46.2主机间的通信，出入的包都会被监听</span></span><br><span class="line">tcpdump host 172.31.46.2</span><br><span class="line"><span class="comment"># 监听与百度之间的通信</span></span><br><span class="line">tcpdump -i en6 host www.baidu.com</span><br><span class="line"></span><br><span class="line"><span class="comment"># 根据发送/接收主机监听</span></span><br><span class="line">tcpdump src host 172.31.46.2</span><br><span class="line">tcpdump dst host 172.31.46.2</span><br><span class="line"></span><br><span class="line"><span class="comment"># 过滤特定主机的特定协议</span></span><br><span class="line">tcpdump tcp src host 192.168.10.100</span><br><span class="line"></span><br><span class="line"><span class="comment"># 监听特定网段</span></span><br><span class="line">tcpdump net 192.168.10.0/24</span><br><span class="line"><span class="comment"># 根据目标网段进行过滤</span></span><br><span class="line">tcpdump dst net 192.168</span><br><span class="line"></span><br><span class="line"><span class="comment"># 监听特定端口</span></span><br><span class="line">tcpdump port 8080</span><br><span class="line"><span class="comment"># 根据目标端口进行过滤</span></span><br><span class="line">tcpdump dst port 8088</span><br><span class="line"><span class="comment"># 监听多个端口</span></span><br><span class="line">tcpdump port 80 or port 8088</span><br><span class="line">tcpdump port 80 or 8088</span><br><span class="line"><span class="comment"># 监听端口范围</span></span><br><span class="line">tcpdump dst portrange 8000-8080</span><br><span class="line"><span class="comment"># 监听常见协议的默认端口时，可以直接使用协议名，不用具体的端口号</span></span><br><span class="line">tcpdump tcp port http</span><br><span class="line"></span><br><span class="line"><span class="comment"># 监听IPv4</span></span><br><span class="line">tcpdump <span class="string">'ip proto tcp'</span></span><br><span class="line">tcpdump ip proto 6</span><br><span class="line"><span class="comment"># 监听IPv6</span></span><br><span class="line">tcpdump <span class="string">'ip6 proto tcp'</span></span><br><span class="line">tcpdump ip6 proto 6</span><br><span class="line"></span><br><span class="line"><span class="comment"># 监听来自172.31.46.2的请求本机8080端口的tcp通信</span></span><br><span class="line">tcpdump tcp port 8080 and src host 172.31.46.2</span><br><span class="line"></span><br><span class="line"><span class="comment"># 组合</span></span><br><span class="line">tcpdump <span class="string">'src 10.0.2.4 and (dst port 3389 or 22)'</span></span><br><span class="line"><span class="comment"># 过滤来自进程名为 nc 发出的流经 en0 网卡的数据包，或者不流经 en0 的入方向数据包</span></span><br><span class="line">tcpdump <span class="string">"( if=en0 and proc=nc ) || (if != en0 and dir=in)"</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 抓取syn包</span></span><br><span class="line"><span class="comment"># 第一种写法：使用数字表示偏移量</span></span><br><span class="line">tcpdump -i eth0 <span class="string">"tcp[13] &amp; 2 != 0"</span> </span><br><span class="line"><span class="comment"># 第二种写法：使用别名常量表示偏移量</span></span><br><span class="line">tcpdump -i eth0 <span class="string">"tcp[tcpflags] &amp; tcp-syn != 0"</span> </span><br><span class="line"><span class="comment"># 第三种写法：使用混合写法</span></span><br><span class="line">tcpdump -i eth0 <span class="string">"tcp[tcpflags] &amp; 2 != 0"</span> </span><br><span class="line">tcpdump -i eth0 <span class="string">"tcp[13] &amp; tcp-syn != 0"</span> </span><br><span class="line"></span><br><span class="line"><span class="comment"># 根据包大小过滤  less 32 </span></span><br><span class="line">tcpdump -n -i eth0 -A -x dst port 443 and greater 100</span><br><span class="line"></span><br><span class="line"><span class="comment"># 抓取80端口的HTTP有效包，排除 TCP 连接建立过程的数据包（SYN / FIN / ACK）</span></span><br><span class="line">tcpdump <span class="string">'tcp port 80 and (((ip[2:2] - ((ip[0]&amp;0xf)&lt;&lt;2)) - ((tcp[12]&amp;0xf0)&gt;&gt;2)) != 0)'</span></span><br><span class="line"><span class="comment"># 抓取Http GET</span></span><br><span class="line">tcpdump -s 0 -A -vv <span class="string">'tcp[((tcp[12:1] &amp; 0xf0) &gt;&gt; 2):4] = 0x47455420'</span></span><br><span class="line"><span class="comment"># 抓取Http POST请求</span></span><br><span class="line">tcpdump -s 0 -A -vv <span class="string">'tcp[((tcp[12:1] &amp; 0xf0) &gt;&gt; 2):4] = 0x504f5354'</span></span><br><span class="line"><span class="comment"># GET OR POST</span></span><br><span class="line">tcpdump -i enp0s8 -s 0 -A <span class="string">'tcp dst port 80 or tcp dst port 443 and tcp[((tcp[12:1] &amp; 0xf0) &gt;&gt; 2):4] = 0x47455420 or tcp[((tcp[12:1] &amp; 0xf0) &gt;&gt; 2):4] = 0x504F5354'</span> and host 192.168.10.1</span><br><span class="line"></span><br><span class="line"><span class="comment"># 找出一段时间内发包最多的 IP，或者从一堆报文中找出发包最多的 IP</span></span><br><span class="line"><span class="comment"># cut -f 1,2,3,4 -d '.' : 以 . 为分隔符，打印出每行的前四列。即 IP 地址。sort | uniq -c : 排序并计数。sort -nr : 按照数值大小逆向排序</span></span><br><span class="line">tcpdump -nnn -t -c 200 | cut -f 1,2,3,4 -d <span class="string">'.'</span> | sort | uniq -c | sort -nr | head -n 20</span><br><span class="line"></span><br><span class="line"><span class="comment"># 切割pcap文件 每3600秒创建一个新文件capture-(hour).pcap，每个文件大小不超过 200*1000000 字节</span></span><br><span class="line">tcpdump  -w /tmp/capture-%H.pcap -G 3600 -C 200</span><br></pre></td></tr></table></figure>
<h4 id="wireshark-使用"><a href="#wireshark-使用" class="headerlink" title="wireshark 使用"></a>wireshark 使用</h4><p>通常 <code>Wireshark</code>（或 tshark）比 tcpdump 更容易分析应用层协议。一般的做法是在远程服务器上先使用 <code>tcpdump</code> 抓取数据并写入文件，然后再将文件拷贝到本地工作站上用 <code>Wireshark</code> 分析。</p>
<p>还有一种更高效的方法，可以通过 ssh 连接将抓取到的数据实时发送给 Wireshark 进行分析。</p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">#</span><span class="bash"> 使用wireshark实时分析</span></span><br><span class="line">ssh root@172.31.47.13 tcpdump -i enp95s0f0 tcp -s 0 -nn -w - 'port 8085' | /Applications/Wireshark.app/Contents/MacOS/Wireshark -k -i -</span><br></pre></td></tr></table></figure>
<h5 id="过滤器语法"><a href="#过滤器语法" class="headerlink" title="过滤器语法"></a><a href="https://gitlab.com/wireshark/wireshark/-/wikis/DisplayFilters" target="_blank" rel="noopener">过滤器语法</a></h5><ol>
<li><p>根据IP过滤</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># ip过滤</span></span><br><span class="line">ip.addr == 10.43.54.65</span><br><span class="line"><span class="comment"># 等同于</span></span><br><span class="line">ip.src == 10.43.54.65 or ip.dst == 10.43.54.65</span><br><span class="line"></span><br><span class="line">ip.addr != 10.43.54.65</span><br><span class="line"><span class="comment"># 等同于</span></span><br><span class="line">ip.src != 10.43.54.65 or ip.dst != 10.43.54.65</span><br><span class="line"></span><br><span class="line">!(ip.addr == 10.43.54.65)</span><br><span class="line"><span class="comment"># 等同于 这个更常用</span></span><br><span class="line">!(ip.src == 10.43.54.65 or ip.dst == 10.43.54.65)</span><br><span class="line"></span><br><span class="line"><span class="comment"># 网段过滤</span></span><br><span class="line">ip.src==192.168.0.0/16 and ip.dst==192.168.0.0/16</span><br><span class="line"></span><br><span class="line">ip.addr <span class="keyword">in</span> &#123;10.0.0.5 .. 10.0.0.9 192.168.1.1..192.168.1.9&#125;</span><br></pre></td></tr></table></figure>
</li>
<li><p>根据端口过滤</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">tcp.port == 25</span><br><span class="line">tcp.port <span class="keyword">in</span> &#123;80 443 8080&#125;</span><br><span class="line">tcp.port == 443 || (tcp.port &gt;= 4430 &amp;&amp; tcp.port &lt;= 4434)</span><br><span class="line">tcp.dstport == 23</span><br><span class="line">tcp.srcport == 23</span><br></pre></td></tr></table></figure>
</li>
<li><p>HTTP协议过滤</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 主机过滤</span></span><br><span class="line">http.host == <span class="string">"www.baidu.com"</span></span><br><span class="line">http contains <span class="string">"HTTP/1.1 200 OK"</span> &amp;&amp; http contains <span class="string">"application/json"</span></span><br><span class="line"><span class="comment"># 其他常用条件</span></span><br><span class="line">http.accept</span><br><span class="line">http.location</span><br><span class="line">http.request.method</span><br><span class="line">http.request.uri</span><br><span class="line">http.response.code</span><br><span class="line">http.server</span><br><span class="line">http.referer</span><br><span class="line"></span><br><span class="line"><span class="comment"># http uri结尾字符</span></span><br><span class="line">http.request.uri matches <span class="string">"gl=se$"</span></span><br></pre></td></tr></table></figure>
</li>
<li><p>根据MAC过滤</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">eth.dst == A0:00:00:04:C5:84 // 过滤目标mac</span><br><span class="line">eth.src eq A0:00:00:04:C5:84 // 过滤来源mac</span><br><span class="line">eth.addr eq A0:00:00:04:C5:84 // 过滤来源MAC和目标MAC都等于A0:00:00:04:C5:84的</span><br></pre></td></tr></table></figure>
</li>
</ol>
<h3 id="wget-文件下载"><a href="#wget-文件下载" class="headerlink" title="wget 文件下载"></a>wget 文件下载</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br></pre></td><td class="code"><pre><span class="line">wget -O file www.xx.com		<span class="comment"># 保存到指定文件</span></span><br><span class="line">wget -i urls.txt -P path/dic   <span class="comment"># 从文件读取链接, 下载到指定目录</span></span><br><span class="line"></span><br><span class="line">wget www.xxx.com/test.html	<span class="comment"># 获取网页内容并保存到test.html文件</span></span><br><span class="line">wget -a file www.yy.com     <span class="comment"># 追加到文件</span></span><br><span class="line">wget -o <span class="built_in">log</span> www.xx.com      <span class="comment"># 下载记录保存到log文件</span></span><br><span class="line">wget -t 40 www.xx.com       <span class="comment"># 最多重试40次(默认20)</span></span><br><span class="line">wget -S www.xx.com/sdf      <span class="comment"># 测试链接是否正确</span></span><br><span class="line">wget --<span class="built_in">limit</span>-rate=300k www.xx.com   <span class="comment"># 限速下载</span></span><br><span class="line">wget -b www.xx.com			<span class="comment"># 后台下载</span></span><br><span class="line">wget -c www.xx.com			<span class="comment"># 断点续传</span></span><br><span class="line">wget --<span class="built_in">limit</span>-rate=300K      <span class="comment"># 限速下载</span></span><br><span class="line">wget --reject=gif www.xx.com    <span class="comment"># 不下载gif文件</span></span><br><span class="line">wget -r -A pdf www.xx.com   <span class="comment"># 只下载pdf文件</span></span><br><span class="line">wget --user=username --password=password https://example.com   <span class="comment"># auth验证</span></span><br></pre></td></tr></table></figure>
<h3 id="curl"><a href="#curl" class="headerlink" title="curl"></a>curl</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># GET www.xx.com/search?a=aa&amp;b=bb</span></span><br><span class="line">curl -G -d <span class="string">'a=aa'</span> -d <span class="string">'b=bb'</span> www.xx.com/search</span><br><span class="line"><span class="comment"># URL 编码</span></span><br><span class="line">curl -G --data-urlencode <span class="string">'s=kk a'</span> www.xx.com</span><br><span class="line"></span><br><span class="line"><span class="comment"># POST </span></span><br><span class="line"><span class="comment"># 加 -d 后会自动加上请求头 Content-Type : application/x-www-form-urlencoded, 且请求转为 POST</span></span><br><span class="line">curl -d <span class="string">'@data.txt'</span> www.xx.com      <span class="comment"># 读取文件内容作为请求体发送 </span></span><br><span class="line">curl -d <span class="string">'name=bob'</span> www.xx.com/form  <span class="comment"># post提交表单</span></span><br><span class="line">curl -X POST --data <span class="string">"key=value"</span> www.xx.com  <span class="comment"># post发送参数</span></span><br><span class="line">curl -X POST --date-urlencode <span class="string">"a=aa"</span> www.xx.com        <span class="comment"># 自动将发送的数据进行URL 编码</span></span><br><span class="line">curl -d <span class="string">'&#123;"a":"aa"&#125;'</span> -H <span class="string">'Content-Type: application/json'</span> www.xx.com   <span class="comment"># 发送json请求</span></span><br><span class="line"><span class="comment"># 上传文件和其他参数 --form会导致请求类型为 multipart/form-data</span></span><br><span class="line">curl -X POST <span class="string">'172.31.46.2:7777'</span> \</span><br><span class="line">--form <span class="string">'file=@"/tmp/opencv-test/000136.jpg"'</span> \</span><br><span class="line">--form <span class="string">'flags="2"'</span> \</span><br><span class="line">--form <span class="string">'borderMode="1"'</span></span><br><span class="line"></span><br><span class="line"><span class="comment">#上传</span></span><br><span class="line"><span class="comment"># -F 用来上传二进制文件, 会自动加上请求头Content-Type: multipart/form-data</span></span><br><span class="line">curl -F <span class="string">'file=@photo.png'</span> www.xx.com</span><br><span class="line"><span class="comment"># 指定MIME类型, 默认是application/octet-stream</span></span><br><span class="line">curl -F <span class="string">'file=@photo.png;type=image/png'</span> www.xx.com</span><br><span class="line">curl -F <span class="string">'file=@photo.png;filename=test.png'</span> www.xx.com</span><br><span class="line"><span class="comment"># 下载</span></span><br><span class="line">curl -O www.xx.com            <span class="comment"># 以服务器上的名称保存</span></span><br><span class="line">curl -o file www.xx.com       <span class="comment"># 下载链接内容到指定文件</span></span><br><span class="line">curl -O www.xx.com/pic[1-5].jpg     <span class="comment"># 循环下载(pic1.jpg...pic5.jpg)</span></span><br><span class="line">curl -o <span class="comment">#1_#2.jpg ww.xxcom/&#123;user,goods&#125;/pic[1-5].jpg    # 循环下载并重命名</span></span><br><span class="line">curl -<span class="comment"># -O www.xx.com/pic.jpg       # 显示下载进度条</span></span><br><span class="line">curl -C -O www.xx.com/pic.jpg       <span class="comment"># 断点续传</span></span><br><span class="line"><span class="comment"># 分块下载</span></span><br><span class="line">curl -r 0-100 -o pic_part1.jpg www.xx.com/pic.jpg</span><br><span class="line">curl -r 100-200 -o pic_part2.jpg www.xx.com/pic.jpg</span><br><span class="line">curl -r 200- -o pic_part3.jpg www.xx.com/pic.jpg</span><br><span class="line">cat pic_part* &gt; pic.jpg</span><br><span class="line"></span><br><span class="line"><span class="comment"># 发送HEAD请求</span></span><br><span class="line">curl -I www.xx.com</span><br><span class="line">curl --head www.xx.com</span><br><span class="line"></span><br><span class="line"><span class="comment"># 设置请求头</span></span><br><span class="line">curl -H <span class="string">'My-Header: 123'</span> -X PUT www.xx.com      <span class="comment"># 增加请求头, 指定方法, 等于--header</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 跳过SSL检测</span></span><br><span class="line">curl -k https://www.xx.com</span><br><span class="line"></span><br><span class="line"><span class="comment"># cookie</span></span><br><span class="line">curl --cookie <span class="string">"name=xxx"</span> www.xx.com     <span class="comment"># 设置cookie</span></span><br><span class="line">curl -b cookie.txt www.xx.com       <span class="comment"># 带上cookie访问</span></span><br><span class="line">curl -b <span class="string">'a=aa,b=bb'</span> www.xx.com   </span><br><span class="line">curl -c cookie.txt www.xx.com       <span class="comment"># 将服务器设置的cookie信息保存到文件</span></span><br><span class="line">curl -D header.txt www.xx.com       <span class="comment"># 保存响应头到文件</span></span><br><span class="line">curl -A <span class="string">"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.0)"</span> http://www.linux.com</span><br><span class="line"></span><br><span class="line">curl www.xx.com         <span class="comment"># 打印html内容</span></span><br><span class="line">curl -i www.xx.com      <span class="comment"># 打印内容和响应头</span></span><br><span class="line">curl -I www.xx.com      <span class="comment"># 只显示响应头信息</span></span><br><span class="line">curl --refere www.yy.com www.xx.com     <span class="comment"># 设置来源</span></span><br><span class="line">curl -L www.xx.com      <span class="comment"># 自动跳转, 遇到301响应时</span></span><br><span class="line">curl -s www.xx.com      <span class="comment"># 不输出错误和进度信息 但会显示正常结果</span></span><br><span class="line">curl -s -o /dev/null www.xx.com   <span class="comment"># 不显示任何信息</span></span><br><span class="line">curl -u <span class="string">'admin:12345'</span> www.xx.com  <span class="comment"># 认证</span></span><br><span class="line">curl -o /dev/null -s -w %&#123;http_code&#125; www.linux.com  <span class="comment"># 测试网页响应code</span></span><br><span class="line">curl -v www.xx.com      <span class="comment"># 显示http通信完整过程, 包括端口和头信息, 用于调试</span></span><br><span class="line">curl --trace output.txt www.xxx.com     <span class="comment"># 更详细的信息</span></span><br><span class="line">curl -x admin:12345@localhost:7890 www.xx.com  <span class="comment"># 走代理</span></span><br></pre></td></tr></table></figure>
<h3 id="scp-远程拷贝"><a href="#scp-远程拷贝" class="headerlink" title="scp 远程拷贝"></a>scp 远程拷贝</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 从远程拷贝回本地</span></span><br><span class="line">$ scp root@10.6.159.147:/opt/soft/demo.tar /opt/soft/</span><br><span class="line"></span><br><span class="line"><span class="comment"># 递归复制整个目录</span></span><br><span class="line">$ scp -r root@10.6.159.147:/opt/soft/<span class="built_in">test</span> /opt/soft/</span><br><span class="line"></span><br><span class="line"><span class="comment"># 上传到远程</span></span><br><span class="line">$ scp /opt/soft/demo.tar root@10.6.159.147:/opt/soft/scptest</span><br></pre></td></tr></table></figure>
<h3 id="文件传输RZ、SZ"><a href="#文件传输RZ、SZ" class="headerlink" title="文件传输RZ、SZ"></a>文件传输RZ、SZ</h3><p>xshell下可以使用，只适合小的文件传输</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 安装</span></span><br><span class="line">$ yum install -y lrzsz.x86_64</span><br><span class="line"></span><br><span class="line"><span class="comment"># 下载</span></span><br><span class="line">$ sz xxx</span><br><span class="line"><span class="comment"># 弹窗确认保存位置</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 上传</span></span><br><span class="line">$ rz</span><br><span class="line"><span class="comment"># 弹窗选择文件</span></span><br></pre></td></tr></table></figure>
<h3 id="mount-磁盘挂载"><a href="#mount-磁盘挂载" class="headerlink" title="mount 磁盘挂载"></a>mount 磁盘挂载</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 列出文件系统的整体磁盘空间使用情况</span></span><br><span class="line">$ df -h</span><br><span class="line">文件系统        容量  已用  可用 已用% 挂载点</span><br><span class="line">/dev/sda2       223G  6.8G  216G    4% /</span><br><span class="line">devtmpfs        126G     0  126G    0% /dev</span><br><span class="line">tmpfs           126G     0  126G    0% /dev/shm</span><br><span class="line">tmpfs           126G   19M  126G    1% /run</span><br><span class="line">tmpfs           126G     0  126G    0% /sys/fs/cgroup</span><br><span class="line">/dev/sda1       494M  158M  337M   32% /boot</span><br><span class="line">/dev/sdb1       2.0T   42G  2.0T    3% /iflytek</span><br><span class="line">tmpfs            26G     0   26G    0% /run/user/0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出所有可用块设备的信息，显示他们之间的依赖关系</span></span><br><span class="line">$ lsblk</span><br><span class="line">NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT</span><br><span class="line">sda      8:0    0 223.1G  0 disk</span><br><span class="line">├─sda1   8:1    0   500M  0 part /boot</span><br><span class="line">└─sda2   8:2    0 222.6G  0 part /</span><br><span class="line">sdb      8:16   0   7.3T  0 disk</span><br><span class="line">└─sdb1   8:17   0     2T  0 part /iflytek</span><br></pre></td></tr></table></figure>
<p>这里以CentOS下创建xfs为例</p>
<p>centos7.0开始默认文件系统是xfs，centos6是ext4，centos5是ext3</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br><span class="line">75</span><br><span class="line">76</span><br><span class="line">77</span><br><span class="line">78</span><br><span class="line">79</span><br><span class="line">80</span><br><span class="line">81</span><br><span class="line">82</span><br><span class="line">83</span><br><span class="line">84</span><br><span class="line">85</span><br><span class="line">86</span><br><span class="line">87</span><br><span class="line">88</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 1 安装XFS系统工具集</span></span><br><span class="line"><span class="comment"># Fedora, CentOS, RHEL系统:</span></span><br><span class="line">$ sudo yum install xfsprogs</span><br><span class="line"><span class="comment"># 很多Linux系统将XFS作为默认文件系统，所以无需安装, 比如Centos 7.3就无需安装</span></span><br><span class="line"><span class="comment"># Debian, Ubuntu , Linux Mint系统：</span></span><br><span class="line">$ sudo apt-get install xfsprogs</span><br><span class="line"></span><br><span class="line"><span class="comment"># 2 创建xfs格式分区</span></span><br><span class="line"><span class="comment"># 查看下是否有分区</span></span><br><span class="line">$ fdisk -l</span><br><span class="line">Disk /dev/sdb: 323.2 GB, 323196289024 bytes, 631242752 sectors</span><br><span class="line">Units = sectors of 1 * 512 = 512 bytes</span><br><span class="line">Sector size (logical/physical): 512 bytes / 512 bytes</span><br><span class="line">I/O size (minimum/optimal): 512 bytes / 512 bytes</span><br><span class="line"></span><br><span class="line"><span class="comment"># 开始分区</span></span><br><span class="line">$ fdisk /dev/sdb</span><br><span class="line">Welcome to fdisk (util-linux 2.23.2).</span><br><span class="line"> </span><br><span class="line">Changes will remain <span class="keyword">in</span> memory only, until you decide to write them.</span><br><span class="line">Be careful before using the write <span class="built_in">command</span>.</span><br><span class="line"> </span><br><span class="line">Device does not contain a recognized partition table</span><br><span class="line">Building a new DOS disklabel with disk identifier 0xafc7c358.</span><br><span class="line"><span class="comment"># 输入n 添加分区 </span></span><br><span class="line">Command (m <span class="keyword">for</span> <span class="built_in">help</span>): n</span><br><span class="line">Partition <span class="built_in">type</span>:</span><br><span class="line">   p   primary (0 primary, 0 extended, 4 free)</span><br><span class="line">   e   extended</span><br><span class="line"><span class="comment"># 输入p 指定为主分区   </span></span><br><span class="line">Select (default p): p</span><br><span class="line"><span class="comment"># 输入分区编号</span></span><br><span class="line">Partition number (1-4, default 1): 1</span><br><span class="line"><span class="comment"># 一路默认</span></span><br><span class="line">First sector (2048-631242751, default 2048): </span><br><span class="line">Using default value 2048</span><br><span class="line">Last sector, +sectors or +size&#123;K,M,G&#125; (2048-631242751, default 631242751): </span><br><span class="line">Using default value 631242751</span><br><span class="line">Partition 1 of <span class="built_in">type</span> Linux and of size 301 GiB is <span class="built_in">set</span></span><br><span class="line"><span class="comment"># 输入w 保存配置并退出</span></span><br><span class="line">Command (m <span class="keyword">for</span> <span class="built_in">help</span>): w</span><br><span class="line">The partition table has been altered!</span><br><span class="line"> </span><br><span class="line">Calling ioctl() to re-read partition table.</span><br><span class="line">Syncing disks.</span><br><span class="line"></span><br><span class="line"><span class="comment"># 3 格式化分区为xfs 如果已有其他文件系统创建在此分区，必须加上"-f"参数来覆盖它。</span></span><br><span class="line">$ mkfs.xfs -f  /dev/sdb</span><br><span class="line">meta-data=/dev/sdb               isize=512    agcount=4, agsize=19726336 blks</span><br><span class="line">         =                       sectsz=512   attr=2, projid32bit=1</span><br><span class="line">         =                       crc=1        finobt=0, sparse=0</span><br><span class="line">data     =                       bsize=4096   blocks=78905344, imaxpct=25</span><br><span class="line">         =                       sunit=0      swidth=0 blks</span><br><span class="line">naming   =version 2              bsize=4096   ascii-ci=0 ftype=1</span><br><span class="line"><span class="built_in">log</span>      =internal <span class="built_in">log</span>           bsize=4096   blocks=38528, version=2</span><br><span class="line">         =                       sectsz=512   sunit=0 blks, lazy-count=1</span><br><span class="line">realtime =none                   extsz=4096   blocks=0, rtextents=0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 4 挂载</span></span><br><span class="line">$ mkdir /mysql</span><br><span class="line">$ mount  -t  xfs  /dev/sdb  /mysql</span><br><span class="line"><span class="comment"># 验证XFS挂载是否成功</span></span><br><span class="line">$ df -Th /dev/sdb</span><br><span class="line">Filesystem     Type 1K-blocks  Used Available Use% Mounted on</span><br><span class="line">/dev/sdb       xfs  315467264 32944 315434320   1% /mysql</span><br><span class="line">$ df -h</span><br><span class="line">Filesystem      Size  Used Avail Use% Mounted on</span><br><span class="line">/dev/sda2        30G   22G  8.2G  73% /</span><br><span class="line">devtmpfs        1.7G     0  1.7G   0% /dev</span><br><span class="line">tmpfs           1.7G     0  1.7G   0% /dev/shm</span><br><span class="line">tmpfs           1.7G   25M  1.7G   2% /run</span><br><span class="line">tmpfs           1.7G     0  1.7G   0% /sys/fs/cgroup</span><br><span class="line">/dev/sda1       497M   62M  436M  13% /boot</span><br><span class="line">/dev/sdc1       133G  4.2G  122G   4% /mnt/resource</span><br><span class="line">tmpfs           344M     0  344M   0% /run/user/1000</span><br><span class="line">/dev/sdb        301G   33M  301G   1% /mysql</span><br><span class="line"></span><br><span class="line"><span class="comment"># 5 开机自动挂载</span></span><br><span class="line">$ vim /etc/fstab</span><br><span class="line"><span class="comment"># 追加如下一行</span></span><br><span class="line">/dev/sdb1		/iflytek 			xfs			defaults		0 0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 可以使用UUID替换对应的设备</span></span><br><span class="line">$ blkid /dev/sdb1</span><br><span class="line">/dev/sdb1: UUID=<span class="string">"23c36f8a-04cb-4cfc-8fdd-663379c4563c"</span> TYPE=<span class="string">"xfs"</span></span><br><span class="line"></span><br><span class="line">$ vim /etc/fstab</span><br><span class="line">UUID=23c36f8a-04cb-4cfc-8fdd-663379c4563c		/iflytek 	xfs		defaults	0 0</span><br></pre></td></tr></table></figure>
<p>查看磁盘分区的文件系统类型</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br></pre></td><td class="code"><pre><span class="line">$ df -Th</span><br><span class="line">文件系统       类型      容量  已用  可用 已用% 挂载点</span><br><span class="line">/dev/sda2      xfs       223G  6.8G  216G    4% /</span><br><span class="line">devtmpfs       devtmpfs  126G     0  126G    0% /dev</span><br><span class="line">tmpfs          tmpfs     126G     0  126G    0% /dev/shm</span><br><span class="line">tmpfs          tmpfs     126G   19M  126G    1% /run</span><br><span class="line">tmpfs          tmpfs     126G     0  126G    0% /sys/fs/cgroup</span><br><span class="line">/dev/sda1      xfs       494M  158M  337M   32% /boot</span><br><span class="line">/dev/sdb1      xfs       2.0T   42G  2.0T    3% /iflytek</span><br><span class="line">tmpfs          tmpfs      26G     0   26G    0% /run/user/0</span><br><span class="line"></span><br><span class="line"><span class="comment"># 或者</span></span><br><span class="line">$ parted -l</span><br><span class="line">Model: AVAGO INSPUR (scsi)</span><br><span class="line">Disk /dev/sda: 240GB</span><br><span class="line">Sector size (logical/physical): 512B/4096B</span><br><span class="line">Partition Table: msdos</span><br><span class="line">Disk Flags:</span><br><span class="line"></span><br><span class="line">Number  Start   End    Size   Type     File system  标志</span><br><span class="line"> 1      1049kB  525MB  524MB  primary  xfs          启动</span><br><span class="line"> 2      525MB   240GB  239GB  primary  xfs</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">Model: AVAGO INSPUR (scsi)</span><br><span class="line">Disk /dev/sdb: 8001GB</span><br><span class="line">Sector size (logical/physical): 512B/4096B</span><br><span class="line">Partition Table: msdos</span><br><span class="line">Disk Flags:</span><br><span class="line"></span><br><span class="line">Number  Start   End     Size    Type     File system  标志</span><br><span class="line"> 1      1049kB  2199GB  2199GB  primary  xfs</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看已格式化分区的UUID和文件系统</span></span><br><span class="line">$ blkid</span><br><span class="line">/dev/sda2: UUID=<span class="string">"58e6f06c-55bf-4565-9ef3-50b1155c1e2a"</span> TYPE=<span class="string">"xfs"</span></span><br><span class="line">/dev/sdb1: UUID=<span class="string">"23c36f8a-04cb-4cfc-8fdd-663379c4563c"</span> TYPE=<span class="string">"xfs"</span></span><br><span class="line">/dev/sda1: UUID=<span class="string">"799fab66-2443-4490-a387-b3483162e23d"</span> TYPE=<span class="string">"xfs"</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 可以查看未挂载的文件系统类型，有些系统可能没有这个命令</span></span><br><span class="line">$ lsblk -f</span><br><span class="line">NAME   FSTYPE LABEL UUID                                 MOUNTPOINT</span><br><span class="line">sda</span><br><span class="line">├─sda1 xfs          799fab66-2443-4490-a387-b3483162e23d /boot</span><br><span class="line">└─sda2 xfs          58e6f06c-55bf-4565-9ef3-50b1155c1e2a /</span><br><span class="line">sdb</span><br><span class="line">└─sdb1 xfs          23c36f8a-04cb-4cfc-8fdd-663379c4563c /iflytek</span><br></pre></td></tr></table></figure>
<h4 id="LVM-Logical-volume-Manager-逻辑卷管理相关概念"><a href="#LVM-Logical-volume-Manager-逻辑卷管理相关概念" class="headerlink" title="LVM(Logical volume Manager)逻辑卷管理相关概念"></a>LVM(Logical volume Manager)逻辑卷管理相关概念</h4><p>传统的磁盘管理机制，Linux操作系统和windows的差不多，绝大多数都是使用MBR(Master Boot Recorder)都是通过先对一个硬盘进行分区，然后再将该分区进行文件系统的格式化，在Linux系统中如果要使用该分区就将其挂载上去即可，windows的话其实底层也就是自动将所有的分区挂载好，然后我们就可以对该分区进行使用了。</p>
<p>在传统的磁盘管理机制中，我们的上层应用是直接访问文件系统，从而对底层的物理硬盘进行读取，而在LVM中，其通过对底层的硬盘进行封装，当我们对底层的物理硬盘进行操作时，其不再是针对于分区进行操作，而是通过一个叫做逻辑卷的东西来对其进行底层的磁盘管理操作。</p>
<p>LVM最大的特点就是可以对磁盘进行动态管理。因为逻辑卷的大小是可以动态调整的，而且不会丢失现有的数据。我们如果新增加了硬盘，其也不会改变现有上层的逻辑卷。</p>
<ul>
<li>物理拓展(Physical Extend，PE)　　</li>
<li>物理卷（Physical Volume,PV）：也就是物理磁盘分区，如果想要使用LVM来管理这个分区，可以使用fdisk将其ID改为LVM可以识别的值，即8e。</li>
<li>卷组（Volume Group,VG）：PV的集合</li>
<li>逻辑卷（Logic Volume,LV）：VG中画出来的一块逻辑磁盘</li>
</ul>
<p><strong>为什么要使用逻辑卷</strong>：</p>
<ul>
<li>业务上使用大容量的磁盘。举个例子，我们需要在/data下挂载30TB的存储，对于单个磁盘，是无法满足要求的，因为市面上没有那么大的单块磁盘。但是如果我们使用逻辑卷，将多个小容量的磁盘聚合为一个大的逻辑磁盘，就能满足需求。</li>
<li>扩展和收缩磁盘。在业务初期规划磁盘时，我们并不能完全知道需要分配多少磁盘空间是合理的，如果使用物理卷，后期无法扩展和收缩，如果使用逻辑卷，可以根据后期的需求量，手动扩展或收缩。</li>
</ul>
<p>总结：</p>
<p>(1)物理磁盘被格式化为PV，空间被划分为一个个的PE</p>
<p>(2)不同的PV加入到同一个VG中，不同PV的PE全部进入到了VG的PE池内</p>
<p>(3)LV基于PE创建，大小为PE的整数倍，组成LV的PE可能来自不同的物理磁盘（当我们创建好我们的VG以后，这个时候我们创建LV其实就是从VG中拿出我们指定数量的PE）</p>
<p>(4)LV现在就直接可以格式化后挂载使用了</p>
<p>(5)LV的扩充缩减实际上就是增加或减少组成该LV的PE数量，其过程不会丢失原始数据</p>
<h3 id="time-统计命令执行时间"><a href="#time-统计命令执行时间" class="headerlink" title="time 统计命令执行时间"></a>time 统计命令执行时间</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">$ time ps axu</span><br><span class="line">USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND</span><br><span class="line">...</span><br><span class="line">real	0m0.025s</span><br><span class="line">user	0m0.006s</span><br><span class="line">sys	0m0.019s</span><br></pre></td></tr></table></figure>
<ul>
<li><code>real</code>  挂钟时间, 即命令从开始到结束的时间, 包括其他进程所占用的时间片和进程被阻塞所花费的时间</li>
<li><code>user</code>  花费在用户模式中的CPU时间, 这是唯一真正用于执行进程所花费的时间, 其他进程和阻塞时间不算在内</li>
<li><code>sys</code>  花费在内核模式中的CPU时间, 代表在内核中执行系统调用所花费的时间, 这也是真正由进程使用的CPU时间</li>
</ul>
<h3 id="date-系统时间"><a href="#date-系统时间" class="headerlink" title="date 系统时间"></a>date 系统时间</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line">date</span><br><span class="line">date -s 20180308        <span class="comment"># 设置系统日期, 时间部分全为0, 只有root有权限</span></span><br><span class="line">date -s 01:23:30        <span class="comment"># 设置时间, 日期部分不变</span></span><br><span class="line">date -s <span class="string">"20180308 01:23:30"</span>     <span class="comment"># 设置系统时间</span></span><br><span class="line">date -s <span class="string">"01:23:30 2018-03-08"</span>   <span class="comment"># 也可以这样设置</span></span><br><span class="line">date +%Y%m%d    <span class="comment"># 显示当前年月日</span></span><br><span class="line">date +%Y%m%d --date=<span class="string">'+1 day'</span>   <span class="comment"># 显示昨天的年月日</span></span><br><span class="line">date +%Y%m%d --date=<span class="string">"+1 month"</span>  <span class="comment"># 显示下一月的日期</span></span><br><span class="line">date <span class="string">'+%d'</span>      <span class="comment"># 2018-03-10</span></span><br><span class="line">date <span class="string">'+%T'</span>      <span class="comment"># 03:30:21</span></span><br><span class="line">date -d <span class="string">'2 weeks'</span>   <span class="comment"># 2周后</span></span><br><span class="line">date -d <span class="string">'-100 days'</span>     <span class="comment"># 100天后</span></span><br><span class="line">date -d <span class="string">'next monday'</span>   <span class="comment"># 下个周一</span></span><br><span class="line">date -d last-month +%Y%m    <span class="comment"># 上个月</span></span><br></pre></td></tr></table></figure>
<h3 id="修改时间、时区、语言"><a href="#修改时间、时区、语言" class="headerlink" title="修改时间、时区、语言"></a>修改时间、时区、语言</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 查看当前时区</span></span><br><span class="line">$ date -R</span><br><span class="line">Sat, 15 May 2021 15:33:16 +0800</span><br><span class="line"></span><br><span class="line"><span class="comment"># 修改时区方法1 依次输入序号 Asia &gt; China &gt; Beijing Time</span></span><br><span class="line">$ tzselect</span><br><span class="line"></span><br><span class="line"><span class="comment"># 或者</span></span><br><span class="line">$ ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime</span><br></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 查看时间日期</span></span><br><span class="line">$ date</span><br><span class="line">2021年 05月 15日 星期六 15:43:17 CST</span><br><span class="line"></span><br><span class="line"><span class="comment"># 设置日期  2021-05-15</span></span><br><span class="line">$ date -s 15/05/2021</span><br><span class="line"><span class="comment"># 设置时间 15:45:30</span></span><br><span class="line">$ date -s 15:45:30</span><br><span class="line"></span><br><span class="line"><span class="comment"># 或者使用datetimectl</span></span><br><span class="line">$ timedatectl -h</span><br><span class="line"></span><br><span class="line"><span class="comment"># 将当前时间日期写入BIOS，避免重启后失效</span></span><br><span class="line">$ hwclock -w</span><br></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 查看当前语言设置</span></span><br><span class="line">$ <span class="built_in">echo</span> <span class="variable">$LANG</span></span><br><span class="line">zh_CN.UTF-8</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看系统安装的语言包</span></span><br><span class="line">$ locale -a | grep zh_CN</span><br><span class="line"></span><br><span class="line"><span class="comment"># 如果没有中文语言，可以执行如下指令，安装中文语言包</span></span><br><span class="line">$ yum groupinstall chinese-support</span><br><span class="line"></span><br><span class="line"><span class="comment"># 临时修改</span></span><br><span class="line">$ <span class="built_in">export</span> LANG=zh_CN.UTF-8</span><br><span class="line"><span class="comment"># 永久修改</span></span><br><span class="line">$ vim /etc/locale.conf  </span><br><span class="line"><span class="comment"># 改为 LANG="zh_CN.UTF-8"</span></span><br><span class="line"><span class="comment"># 或者</span></span><br><span class="line">$ localectl  <span class="built_in">set</span>-locale LANG=zh_CN.UTF8</span><br></pre></td></tr></table></figure>
<h2 id="应用"><a href="#应用" class="headerlink" title="应用"></a>应用</h2><h3 id="yum"><a href="#yum" class="headerlink" title="yum"></a>yum</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br></pre></td><td class="code"><pre><span class="line">yum check-update	<span class="comment"># 列出所有可更新的软件清单</span></span><br><span class="line">yum update			<span class="comment"># 更新所有软件</span></span><br><span class="line">yum update xxx		<span class="comment"># 更新指定软件 </span></span><br><span class="line">yum install -y xxx	<span class="comment"># 安装</span></span><br><span class="line">yum list			<span class="comment"># 列出可安装的软件列表</span></span><br><span class="line">yum remove -y xxx	<span class="comment"># 卸载</span></span><br><span class="line">yum search xxx		<span class="comment"># 查找</span></span><br><span class="line">yum info xxx		<span class="comment">#显示指定的rpm软件包的描述信息和概要信息</span></span><br><span class="line">yum resovledep xx	<span class="comment">#显示rpm软件包的依赖关系</span></span><br><span class="line">yum localinstall xx	<span class="comment">#安装本地的rpm软件包</span></span><br><span class="line">yum deplist xxx		<span class="comment">#显示rpm软件包的所有依赖关系</span></span><br><span class="line"></span><br><span class="line">yum search pam*		<span class="comment"># 通配符查找</span></span><br><span class="line"><span class="comment"># 检查 MySQL 是否已安装</span></span><br><span class="line">yum list installed | grep mysql</span><br><span class="line">yum list installed mysql*</span><br><span class="line"></span><br><span class="line"><span class="comment"># 系统初始化安装</span></span><br><span class="line">yum install gcc gcc-c++ cmake pcre pcre-devel zlib zlib-devel openssl openssl-devel vim wget telnet setuptool lrzsz dos2unix net-tools <span class="built_in">bind</span>-utils tree screen iftop ntpdate tree lsof iftop iotop -y</span><br><span class="line">yum groupinstall <span class="string">"Development tools"</span> -y</span><br></pre></td></tr></table></figure>
<p>使用国内yum源</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 1. 备份原始源信息</span></span><br><span class="line">mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup</span><br><span class="line"></span><br><span class="line"><span class="comment"># 2. 替换国内yum源</span></span><br><span class="line">wget -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.<span class="built_in">help</span>/CentOS6-Base-163.repo</span><br><span class="line"></span><br><span class="line"><span class="comment"># 3. 生成缓存</span></span><br><span class="line">yum clean all</span><br><span class="line">yum makecache</span><br><span class="line"></span><br><span class="line"><span class="comment"># 安装epel源</span></span><br><span class="line">mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup  </span><br><span class="line">mv /etc/yum.repos.d/epel-testing.repo /etc/yum.repos.d/epel-testing.repo.backup  </span><br><span class="line">curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo</span><br><span class="line">cat /etc/yum.repos.d/epel.repo</span><br></pre></td></tr></table></figure>
<blockquote>
<p><strong>阿里云与163源</strong></p>
<p><strong>CentOS7</strong>  </p>
<p><a href="http://mirrors.aliyun.com/repo/Centos-7.repo" target="_blank" rel="noopener">http://mirrors.aliyun.com/repo/Centos-7.repo</a></p>
<p><a href="http://mirrors.163.com/.help/CentOS7-Base-163.repo" target="_blank" rel="noopener">http://mirrors.163.com/.help/CentOS7-Base-163.repo</a></p>
<p><strong>CentOS6</strong>  </p>
<p><a href="http://mirrors.aliyun.com/repo/Centos-6.repo" target="_blank" rel="noopener">http://mirrors.aliyun.com/repo/Centos-6.repo</a></p>
<p><a href="http://mirrors.163.com/.help/CentOS6-Base-163.repo" target="_blank" rel="noopener">http://mirrors.163.com/.help/CentOS6-Base-163.repo</a></p>
<p><strong>CentOS5</strong> </p>
<p><a href="http://mirrors.aliyun.com/repo/Centos-5.repo" target="_blank" rel="noopener">http://mirrors.aliyun.com/repo/Centos-5.repo</a></p>
<p><a href="http://mirrors.163.com/.help/CentOS5-Base-163.repo" target="_blank" rel="noopener">http://mirrors.163.com/.help/CentOS5-Base-163.repo</a></p>
</blockquote>
<h4 id="离线安装"><a href="#离线安装" class="headerlink" title="离线安装"></a>离线安装</h4><ol>
<li><p>查看依赖包</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">yum deplist ansible</span><br></pre></td></tr></table></figure>
</li>
<li><p>方案一: repotrack</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">yum install -y yum-utils</span><br><span class="line">reoptrack ansible</span><br></pre></td></tr></table></figure>
</li>
<li><p>方案二: yumdonwloader</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">yum install -y yum-utils</span><br><span class="line">yumdownloader --resolve --destdir=/tmp ansible</span><br></pre></td></tr></table></figure>
<blockquote>
<p>仅会将主软件和基于当前操作系统缺失的依赖关系包一并下载</p>
</blockquote>
</li>
<li><p>方案四: yum的downloadonly插件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">yum install -y yum-download</span><br><span class="line">yum install -y ansible --downloadonly --downloaddir=/tmp</span><br></pre></td></tr></table></figure>
<blockquote>
<p>仅会将主软件和基于当前操作系统缺失的依赖关系包一并下载</p>
</blockquote>
</li>
</ol>
<h3 id="rpm-软件包管理"><a href="#rpm-软件包管理" class="headerlink" title="rpm  软件包管理"></a>rpm  软件包管理</h3><p>对于已安装软件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line">rpm -qa | grep mysql <span class="comment"># 查询</span></span><br><span class="line">rpm -qf /usr/lib/libanl.so.1   <span class="comment"># 查询安装文件属于哪个软件包</span></span><br><span class="line">rpm -qi xx   <span class="comment"># 查询一个已安装软件包的信息</span></span><br><span class="line">rpm -ql unzip-6.0-16.el7.x86_64   <span class="comment"># 查询已安装软件包都安装到了哪</span></span><br><span class="line">rpm -qc xx   <span class="comment"># 查询已安装软件的配置文件</span></span><br><span class="line">rpm -qd xx   <span class="comment"># 查询已安装软件的文档位置</span></span><br><span class="line">rpm -qR xx   <span class="comment"># 查询已安装软件所依赖的软件包与文件</span></span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看软件包的安装位置</span></span><br><span class="line">updatedb</span><br><span class="line">locate mysql-community-server</span><br></pre></td></tr></table></figure>
<p>对于未按照软件包</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">rpm -qip mysql-community-server-5.7.16-1.el7.x86_64.rpm  <span class="comment"># 查询软件包信息</span></span><br><span class="line">rpm -qpl xx.rpm  <span class="comment"># 查询软件包所包含的文件</span></span><br><span class="line">rpm -qpc xx.rpm  <span class="comment"># 查询软件包所包含的文件</span></span><br><span class="line">rpm -qpd xx.rpm  <span class="comment"># 查询软件包的文档位置</span></span><br><span class="line">rpm -qpR xx.rpm  <span class="comment"># 查询软件包的依赖关系</span></span><br></pre></td></tr></table></figure>
<p>安装升级删除</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line">rpm -ivh xx.rpm --<span class="built_in">test</span>  <span class="comment"># 检查依赖关系, 不会真的安装</span></span><br><span class="line">rpm -ivh xx.rpm   <span class="comment"># 安装新的软件包</span></span><br><span class="line">rpm -ivh xx.rpm --nodeps --force   <span class="comment"># 强制安装, 忽略依赖缺失问题</span></span><br><span class="line">rpm -ivh http://xxx/aaa.rpm    <span class="comment"># 从网络安装</span></span><br><span class="line"></span><br><span class="line">rpm -Uvh xx.rpm   <span class="comment"># 升级一个软件包</span></span><br><span class="line">rpm -Uvh --oldpackages xx.rpm   <span class="comment"># 版本降级</span></span><br><span class="line"></span><br><span class="line">rpm -e unzip-6.0-16.el7.x86_64</span><br></pre></td></tr></table></figure>
<h3 id="service"><a href="#service" class="headerlink" title="service"></a>service</h3><h3 id="systemctl"><a href="#systemctl" class="headerlink" title="systemctl"></a>systemctl</h3><h3 id="init-d"><a href="#init-d" class="headerlink" title="init.d"></a>init.d</h3><h3 id="journalctl"><a href="#journalctl" class="headerlink" title="journalctl"></a>journalctl</h3><h3 id="export"><a href="#export" class="headerlink" title="export"></a>export</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="built_in">export</span> -p   <span class="comment"># 列出当前的环境变量值</span></span><br></pre></td></tr></table></figure>
<h2 id="其他"><a href="#其他" class="headerlink" title="其他"></a>其他</h2><h3 id="xargs"><a href="#xargs" class="headerlink" title="xargs"></a>xargs</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line">cat file.txt | xargs    <span class="comment"># 所有内容单行输出</span></span><br><span class="line">cat file.txt | xargs -n3    <span class="comment"># 每3列一行输出</span></span><br><span class="line">cat file.txt | xargs -n3 -d:    <span class="comment"># 指定列分隔符为:</span></span><br><span class="line">find . -name <span class="string">'.class'</span> | xargs rm -v   <span class="comment"># 删除所有claas文件</span></span><br><span class="line">find . -name <span class="string">'.class'</span> | xargs -p -n 1 rm -v   <span class="comment"># 删除所有claas文件, 每次删除需要确认</span></span><br><span class="line">find . -name <span class="string">'.class'</span> | xargs -i rm -v &#123;&#125;   <span class="comment"># -i 需要使用文件名替换&#123;&#125;, 使用小i默认占位符为&#123;&#125;</span></span><br><span class="line"><span class="comment"># 因为有些命令的变量在中间, 比如mv file /dir, 其中xx.tar变量, 而xargs默认是把变量放最后. 因此需要写成 ls *.tar | xargs -i mv &#123;&#125; /dir</span></span><br><span class="line">find . -name <span class="string">'*.class'</span> | xargs -0 -I [] rm -f []   <span class="comment"># 自定义占位符为[], 使用文件名替换[], rm多次, 直接rm多个文件时, 可能会有错误. -0指使用\0作为占位符.</span></span><br><span class="line">find . -<span class="built_in">type</span> f <span class="string">"*.java"</span> -print0 | xargs -0 wc -l   <span class="comment"># 统计文件行数</span></span><br><span class="line"><span class="comment"># 如果文件名包含空格, xargs默认按空格分隔(file 1.log -&gt; file 和 1.log), 此时后续命令会出错. 所以 print0会输出\0, 而在配合 -0 以\0为分隔符, 操作文件就没问题了</span></span><br><span class="line">find . -maxdepth 1 ! -name <span class="string">"."</span> -print0 | xargs -0 du -b | sort -nr | head -10 | nl   <span class="comment"># 找到文件大小前10的, 文件名不为'.'的文件, nl可以为输出列加上编号</span></span><br><span class="line"><span class="comment"># find后执行xargs提示xargs: argument line too long解决方法</span></span><br><span class="line">find . -<span class="built_in">type</span> f -atime +0 -print0 | xargs -0 -l1 -t rm -f    <span class="comment"># -1l是一次处理一个, -t是处理前打印命令</span></span><br></pre></td></tr></table></figure>
<h3 id="seq-生成连续的数字序列"><a href="#seq-生成连续的数字序列" class="headerlink" title="seq 生成连续的数字序列"></a>seq 生成连续的数字序列</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 输出1到5</span></span><br><span class="line">$ seq 5</span><br><span class="line"><span class="comment"># 或者</span></span><br><span class="line">$ seq 1 5</span><br><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line"></span><br><span class="line"><span class="comment"># 输出1到5，步长为2</span></span><br><span class="line">$ seq 1 2 5</span><br><span class="line">1</span><br><span class="line">3</span><br><span class="line">5</span><br><span class="line"></span><br><span class="line"><span class="comment"># 序列在单行，用指定分隔符进行分隔</span></span><br><span class="line">$ seq -s <span class="string">" "</span> 1 2 5</span><br><span class="line">1 3 5</span><br><span class="line"></span><br><span class="line"><span class="comment"># 使用指定字符补齐长度</span></span><br><span class="line">$ seq -s <span class="string">" "</span> -f <span class="string">"%04g"</span> 1 2 5</span><br><span class="line">0001 0003 0005</span><br></pre></td></tr></table></figure>
<h3 id="crontab-定时任务"><a href="#crontab-定时任务" class="headerlink" title="crontab 定时任务"></a>crontab 定时任务</h3><p><code>-u user</code> :  对指定用户的crontab服务进行处理</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br></pre></td><td class="code"><pre><span class="line">*   *   *   *   *</span><br><span class="line">分  时  天   月  周(1-6 0)</span><br><span class="line"></span><br><span class="line"><span class="comment"># 列出crontab文件</span></span><br><span class="line">crontab -l</span><br><span class="line"><span class="comment"># 编辑</span></span><br><span class="line">crontab -e</span><br><span class="line"><span class="comment"># 删除crontab文件</span></span><br><span class="line">crontab -r</span><br><span class="line"></span><br><span class="line"><span class="comment"># 每分钟执行一次</span></span><br><span class="line">* * * * * myCommand</span><br><span class="line"><span class="comment"># 每小时执行一次</span></span><br><span class="line">* */1 * * *  myCommand</span><br><span class="line"></span><br><span class="line"><span class="comment"># 每隔两天在上午8点到11的第3和第15分钟执行</span></span><br><span class="line">3,15 8-11 */2  *  * myCommand</span><br><span class="line"><span class="comment"># 每周1上午8点到11的第3和第15分钟执行</span></span><br><span class="line">3,15 8-11 * * 1 myCommand</span><br><span class="line"><span class="comment"># 每周六,周日的1:10重启smb</span></span><br><span class="line">10 1 * * 6,0 /etc/init.d/smb restart</span><br><span class="line"><span class="comment"># 12月每天早上6点到12点, 每隔3个小时的0分钟执行</span></span><br><span class="line">0 6-12/3 * 12 * myCommand</span><br></pre></td></tr></table></figure>
<p>crontab的日志文件是<code>/var/log/cron</code>   查看cron服务状态<code>systemctl status crond</code></p>
<p><strong>注意</strong></p>
<ul>
<li><p>命令中<code>%</code>是特殊字符, 需要加反斜线<code>\</code>转义</p>
</li>
<li><p>脚本涉及到的文件路径要写全局路径</p>
</li>
<li><p>脚本用到java或其他环境变量时, 先通过<code>source</code>命令引入</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">!/bin/sh</span><br><span class="line"><span class="built_in">source</span> /etc/profile</span><br><span class="line"><span class="built_in">export</span> RUN_CONF=/home/<span class="built_in">test</span>/cbp.jboss.conf</span><br><span class="line">/usr/<span class="built_in">local</span>/jboss-4.0.5/bin/run.sh -c mev &amp;</span><br></pre></td></tr></table></figure>
</li>
<li><p>当手动执行脚本OK, 但crontab不执行时, 很可能是环境变量的问题, 可尝试直接在crontab中引入环境变量</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">0 * * * * . /etc/profile;/bin/sh /home/<span class="built_in">test</span>/restart.sh</span><br></pre></td></tr></table></figure>
</li>
</ul>
<p>每次任务执行完, 系统会将输出信息通过邮件发给当前用户, 可以通过忽略日志输出避免</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">0 * * * * /xx.sh &gt; /dev/null 2&gt;&amp;1</span><br></pre></td></tr></table></figure>
<p>新创建的定时任务不会马上执行, 至少要过2分钟, 但重启cron则马上执行. 当crontab失效时可以尝试<code>/etc/init.d/crond restart</code>解决问题. 可以查看日志<code>/var/log/cron</code>定位问题.</p>
<h3 id="nohup"><a href="#nohup" class="headerlink" title="nohup"></a>nohup</h3><p>nohup 是 no hang up 的缩写，就是不挂断的意思。该命令可以在你退出帐户/关闭终端时忽略SIGHUP信号，从而继续运行相应的进程。在缺省情况下该作业的所有输出都被重定向到当前目录的nohup.out的文件中, 如果当前目录的 nohup.out 文件不可写，输出重定向到 $HOME/nohup.out 文件中。</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">nohup java -jar xxx.jar &gt; /dev/null 2&gt;&amp;1 &amp;</span><br></pre></td></tr></table></figure>
<p><code>&amp;</code> 在后台运行，但是关闭shell后，对应的服务也会关闭，因为对SIGHUP信号不免疫。此时配合nohup可以让应用继续运行。  <code>2&gt;&amp;1</code> 是将标准出错重定向到标准输, <code>/dev/null 2&gt;&amp;1</code> 将标准输出和错误输出全部重定向到/dev/null中,也就是将产生的所有信息丢弃</p>
<h2 id="系统监控"><a href="#系统监控" class="headerlink" title="系统监控"></a>系统监控</h2><p>下面大部分命令属于<code>sysstat</code>软件包的一部分, 执行<code>yum install -y sysstat</code></p>
<h3 id="mpstat-cpu监控"><a href="#mpstat-cpu监控" class="headerlink" title="mpstat  - cpu监控"></a>mpstat  - cpu监控</h3><p>每隔1s打印所有cpu使用情况, 间隔1s，打印10次</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">[root@demo ~]<span class="comment"># mpstat -P ALL 1 10</span></span><br><span class="line">Linux 3.10.0-862.14.4.el7.x86_64 (demo) 	2020年09月01日 	_x86_64_	(1 CPU)</span><br><span class="line"></span><br><span class="line">10时07分12秒  CPU    %usr   %nice    %sys %iowait    %irq   %soft  %steal  %guest  %gnice   %idle</span><br><span class="line">10时07分13秒  all    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00  100.00</span><br><span class="line">10时07分13秒    0    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00  100.00</span><br></pre></td></tr></table></figure>
<p>参数说明:</p>
<p>​    <code>-P</code>: <code>ALL</code> 或 <code>0 - CPU个数-1</code> 监控哪个cpu</p>
<p>结果说明:</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">%user      在间隔的时间段里，用户态的CPU时间(%)，不包含nice值为负进程  (usr/total)*100</span><br><span class="line">%nice      在间隔的时间段里，nice值为负进程的CPU时间(%)   (nice/total)*100</span><br><span class="line">%sys       在间隔的时间段里，内核时间(%)       (system/total)*100</span><br><span class="line">%iowait    在间隔的时间段里，硬盘IO等待时间(%) (iowait/total)*100</span><br><span class="line">%irq       在间隔的时间段里，硬中断时间(%)     (irq/total)*100</span><br><span class="line">%soft      在间隔的时间段里，软中断时间(%)     (softirq/total)*100</span><br><span class="line">%idle      在间隔的时间段里，CPU除去等待磁盘IO操作外的因为任何原因而空闲的时间闲置时间(%) (idle/total)*100</span><br></pre></td></tr></table></figure>
<h3 id="vmstat-内存监控"><a href="#vmstat-内存监控" class="headerlink" title="vmstat 内存监控"></a>vmstat 内存监控</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 每秒1次, 输出3次</span></span><br><span class="line">$ vmstat 1 3</span><br><span class="line">procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----</span><br><span class="line"> r  b   swpd   free   buff  cache   si   so    bi    bo   <span class="keyword">in</span>   cs us sy id wa st</span><br><span class="line"> 1  0      0 8501324     40 11794708    0    0     0     5    0    0  1  0 98  0  0</span><br></pre></td></tr></table></figure>
<ul>
<li><strong>procs</strong> 进程<ul>
<li><strong>r</strong> 运行队列中进程数量</li>
<li><strong>b</strong> 等待IO的进程数量</li>
</ul>
</li>
<li><strong>memory</strong> 内存<ul>
<li><strong>swpd</strong> 使用虚拟内存大小</li>
<li><strong>free</strong> 可用内存大小</li>
<li><strong>buff</strong> 用作缓冲的大小</li>
<li><strong>cache</strong> 用作缓存的大小</li>
</ul>
</li>
<li><strong>swap</strong> 交换区<ul>
<li><strong>si</strong> 每秒从交换区写到内存的大小</li>
<li><strong>so</strong> 每秒写入到交换区的大小</li>
</ul>
</li>
<li><strong>IO</strong><ul>
<li><strong>bi</strong> 每秒读取的块数   <strong>这里的块不同于文件系统的块, 是操作系统内部用于缓存和缓冲操作的, 当前大小为1024Bytes</strong></li>
<li><strong>bo</strong> 每秒写入的块数</li>
</ul>
</li>
<li><strong>system</strong>  <ul>
<li><strong>in</strong>  每秒中断数 包括时钟中断</li>
<li><strong>cs</strong> 每秒上下文切换数</li>
</ul>
</li>
<li><strong>CPU</strong><ul>
<li><strong>us</strong> 用户进程执行时间</li>
<li><strong>sy</strong> 系统进程执行时间</li>
<li><strong>id</strong> 空闲时间, 包括IO等待时间</li>
<li><strong>wa</strong> 等待IO时间</li>
<li><strong>st</strong> 管理程序(hypervisor 虚拟化)为另一个虚拟进程提供服务而等待虚拟 CPU 的百分比</li>
</ul>
</li>
</ul>
<h3 id="iostat-IO监控"><a href="#iostat-IO监控" class="headerlink" title="iostat IO监控"></a>iostat IO监控</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line">$ iostat 1 3</span><br><span class="line">Linux 3.10.0-514.el7.x86_64 (dev) 	2020年10月09日 	_x86_64_	(16 CPU)</span><br><span class="line"></span><br><span class="line">avg-cpu:  %user   %nice %system %iowait  %steal   %idle</span><br><span class="line">           1.38    0.00    0.41    0.04    0.00   98.18</span><br><span class="line"></span><br><span class="line">Device:            tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn</span><br><span class="line">vda               4.76         0.84        53.30   19037086 1211485860</span><br></pre></td></tr></table></figure>
<p>CPU属性</p>
<ul>
<li><strong>%user</strong> CPU在用户模式下的时间百分比</li>
<li><strong>%nice</strong> CPU在带NICE值的用户模式下的时间百分比</li>
<li><strong>%system</strong> CPU在系统模式下的时间百分比</li>
<li><strong>%iowait</strong> CPU等待输入输出完成的时间百分比</li>
<li><strong>%steal</strong> 管理程序维护另一个虚拟处理器时, 虚拟CPU的无意识等待时间百分比</li>
<li><strong>%idle</strong> CPU空闲时间百分比</li>
</ul>
<blockquote>
<p>%iowait值过高表示磁盘存在IO瓶颈;  %idle值高表示CPU比较空闲;  如果%idle值高但系统响应慢, 可能是CPU等待内存分配; %idle持续低于10说明系统CPU处理能力不足</p>
</blockquote>
<p>disk属性</p>
<ul>
<li><strong>tps</strong> 设备每秒是IO请求数, 多个逻辑请求可能会被合并为一次IO请求, 一次IO请求的大小是未知的</li>
<li><strong>kB_read/s</strong> 每秒从设备读取的数据量</li>
<li><strong>kB_wrtn/s</strong> 每秒向设备写入的数据量</li>
<li><strong>kB_read</strong> 读取的数据总量</li>
<li><strong>kB_wrtn</strong> 写入的数据总量</li>
</ul>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 显示更详细的io信息</span></span><br><span class="line">$ iostat -x 1 3</span><br><span class="line">...</span><br><span class="line">Device:         rrqm/s   wrqm/s     r/s     w/s    rkB/s    wkB/s avgrq-sz avgqu-sz   await r_await w_await  svctm  %util</span><br><span class="line">vda               0.00     0.12    0.02    4.74     0.84    53.32    22.76     0.04    7.76   14.59    7.73   1.36   0.65</span><br></pre></td></tr></table></figure>
<p><code>rrqm/s</code> 每秒进行 merge 的读操作数目。即 rmerge/s<br><code>wrqm/s</code> 每秒进行 merge 的写操作数目。即 wmerge/s<br><code>r/s</code> 每秒完成的读 I/O 设备次数。即 rio/s<br><code>w/s</code> 每秒完成的写 I/O 设备次数。即 wio/s<br><code>rsec/s</code> 每秒读扇区数。即 rsect/s<br><code>wsec/s</code> 每秒写扇区数。即 wsect/s<br><code>rkB/s</code> 每秒读K字节数。是 rsect/s 的一半，因为每扇区大小为512字节。<br><code>wkB/s</code> 每秒写K字节数。是 wsect/s 的一半。<br><code>avgrq-sz</code> 平均每次设备I/O操作的数据大小 (扇区)。<br><code>avgqu-sz</code> 平均I/O队列长度。<br><code>await</code> 平均每次设备I/O操作的等待时间 (毫秒)。<br><code>r_await</code> 平均每次设备读I/O操作的等待时间 (毫秒)。<br><code>w_await</code> 平均每次设备写I/O操作的等待时间 (毫秒)。<br><del><code>svctm</code> 平均每次设备I/O操作的服务时间 (毫秒)</del><em>废弃</em>。<br><code>%util</code> 一秒中有百分之多少的时间用于 I/O 操作，即被io消耗的cpu百分比</p>
<blockquote>
<p>如果 %util 接近 100%，说明产生的I/O请求太多，I/O系统已经满负荷，该磁盘可能存在瓶颈。如果 svctm 比较接近 await，说明 I/O 几乎没有等待时间；如果 await 远大于 svctm，说明I/O 队列太长，io响应太慢，则需要进行必要优化。如果avgqu-sz比较大，也表示有大量io在等待。</p>
</blockquote>
<h3 id="pidstat-进程资源占用监控"><a href="#pidstat-进程资源占用监控" class="headerlink" title="pidstat - 进程资源占用监控"></a>pidstat - 进程资源占用监控</h3><p>pidstat 是sysstat软件套件的一部分, CentOS使用该命令安装: <code>yum install sysstat</code></p>
<p><strong>常用参数</strong></p>
<ul>
<li><code>-u</code> 默认参数，显示各个进程的 CPU 统计信息</li>
<li><code>-r</code> 显示各个进程的内存使用情况</li>
<li><code>-d</code> 显示各个进程的 IO 使用</li>
<li><code>-w</code> 显示各个进程的上下文切换</li>
</ul>
<p>显示所有进程的CPU使用信息, <code>pidstat</code> 或 <code>pidstat -u -p ALL</code></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line">$ pidstat</span><br><span class="line">Linux 3.10.0-862.14.4.el7.x86_64 (demo) 	2020年09月01日 	_x86_64_	(1 CPU)</span><br><span class="line"></span><br><span class="line">10时14分30秒   UID       PID    %usr %system  %guest    %CPU   CPU  Command</span><br><span class="line">10时14分30秒     0         1    0.01    0.01    0.00    0.01     0  systemd</span><br><span class="line">10时14分30秒     0         2    0.00    0.00    0.00    0.00     0  kthreadd</span><br><span class="line">...</span><br><span class="line"></span><br><span class="line"><span class="comment"># 指定进程</span></span><br><span class="line">pidstat -p 123</span><br><span class="line"></span><br><span class="line"><span class="comment"># 间隔1s, 显示3次</span></span><br><span class="line">pidstat 1 3</span><br></pre></td></tr></table></figure>
<p><code>PID</code> 进程ID<br><code>%usr</code> 进程在用户空间占用cpu的百分比  <code>%system</code> 进程在内核空间占用cpu的百分比<br><code>%guest</code> 进程在虚拟机占用cpu的百分比<br><code>%CPU</code> 进程占用cpu的百分比<br><code>CPU</code> 处理进程的cpu编号<br><code>Command</code> 当前进程对应的命令</p>
<h4 id="查看内存"><a href="#查看内存" class="headerlink" title="查看内存"></a>查看内存</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ pidstat -r -p 1205</span><br><span class="line">10时22分46秒   UID       PID  minflt/s  majflt/s     VSZ    RSS   %MEM  Command</span><br><span class="line">10时22分47秒     0      1205      0.00      0.00   47448   2672   0.14  nginx</span><br></pre></td></tr></table></figure>
<p><code>PID</code> 进程标识符<br><code>Minflt/s</code> 任务每秒发生的次要错误，不需要从磁盘中加载页<br><code>Majflt/s</code> 任务每秒发生的主要错误，需要从磁盘中加载页<br><code>VSZ</code> 虚拟地址大小，虚拟内存的使用KB<br><code>RSS</code> 常驻集合大小，非交换区五里内存使用KB<br><code>Command</code> 当前进程对应的命令</p>
<h4 id="查看io"><a href="#查看io" class="headerlink" title="查看io"></a>查看io</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ pidstat -d -p 1205</span><br><span class="line">10时23分11秒   UID       PID   kB_rd/s   kB_wr/s kB_ccwr/s  Command</span><br><span class="line">10时23分12秒     0      1205      0.00      0.00      0.00  nginx</span><br></pre></td></tr></table></figure>
<p><code>PID</code> 进程id<br><code>kB_rd/s</code> 每秒从磁盘读取的KB<br><code>kB_wr/s</code> 每秒写入磁盘KB<br><code>kB_ccwr/s</code> 任务取消的写入磁盘的KB。当任务截断脏的pagecache的时候会发生<br><code>Command</code> 当前进程对应的命令</p>
<h4 id="查看上下文切换"><a href="#查看上下文切换" class="headerlink" title="查看上下文切换"></a>查看上下文切换</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ pidstat -w -p 4846</span><br><span class="line">18时29分18秒   UID       PID   cswch/s nvcswch/s  Command</span><br><span class="line">18时29分18秒     0      4846      0.00      0.00  java</span><br></pre></td></tr></table></figure>
<p><code>PID</code> 进程id<br><code>Cswch/s</code> 每秒主动任务上下文切换数量<br><code>Nvcswch/s</code> 每秒被动任务上下文切换数量<br><code>Command</code> 当前进程对应的命令</p>
<h4 id="查看线程信息"><a href="#查看线程信息" class="headerlink" title="查看线程信息"></a>查看线程信息</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">$ pidstat -t -p 4846</span><br><span class="line">18时33分00秒   UID      TGID       TID    %usr %system  %guest    %CPU   CPU  Command</span><br><span class="line">18时33分00秒     0      4846         -    0.00    0.00    0.00    0.00    13  java</span><br><span class="line">18时33分00秒     0         -      4846    0.00    0.00    0.00    0.00    13  |__java</span><br><span class="line">18时33分00秒     0         -      4849    0.00    0.00    0.00    0.00    15  |__java</span><br><span class="line">...</span><br></pre></td></tr></table></figure>
<p><code>PID</code> 进程ID<br><code>%usr</code> 进程在用户空间占用cpu的百分比  <code>%system</code> 进程在内核空间占用cpu的百分比<br><code>%guest</code> 进程在虚拟机占用cpu的百分比<br><code>%CPU</code> 进程占用cpu的百分比<br><code>CPU</code> 处理进程的cpu编号<br><code>Command</code> 当前进程对应的命令</p>
<h3 id="sar-系统活动报告"><a href="#sar-系统活动报告" class="headerlink" title="sar - 系统活动报告"></a>sar - 系统活动报告</h3><p>统计结果可以输出到文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">sar -o sarfile.log -u 1 3</span><br></pre></td></tr></table></figure>
<ul>
<li><code>u</code> cpu使用率</li>
<li><code>q</code> cpu负载</li>
<li><code>B</code> 内存使用率</li>
<li><code>R</code> 内存页</li>
<li><code>S</code> swap使用率</li>
<li><code>b</code> io</li>
<li><code>n</code>  网络</li>
<li><code>d</code> 块设备</li>
<li><code>F</code> 挂载设备</li>
<li><code>m</code> 电源管理</li>
</ul>
<h4 id="CPU使用率"><a href="#CPU使用率" class="headerlink" title="CPU使用率"></a>CPU使用率</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -u 1 3</span><br><span class="line">15时31分47秒     CPU     %user     %nice   %system   %iowait    %steal     %idle</span><br><span class="line">15时31分48秒     all      1.00      0.00      0.06      0.00      0.00     98.93</span><br></pre></td></tr></table></figure>
<p><code>CPU</code>: all表示统计的所有CPU<br><code>%user</code>: 用户级运行cpu占比   <code>%nice</code>:用户级别用于nice操作CPU占比 <code>%system</code>: 核心级运行CPU占比<br><code>%iowait</code>: 用于等待IO操作占用CPU时间的百分比<br><code>%steal</code>: 管理程序(hypervisor 虚拟化)为另一个虚拟进程提供服务而等待虚拟 CPU 的百分比<br><code>%idle</code>: 显示CPU空闲占比, 若%iowait过高则表示磁盘存在IO瓶颈; 若%idel高但系统响应慢则可能是内存不足, cpu在等待分配内存; 若%idle持续&lt;1则系统cpu处理能力不足</p>
<h4 id="内存使用率"><a href="#内存使用率" class="headerlink" title="内存使用率"></a>内存使用率</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -r 1 3</span><br><span class="line">15时30分02秒 kbmemfree kbmemused  %memused kbbuffers  kbcached  kbcommit   %commit  kbactive   kbinact   kbdirty</span><br><span class="line">15时30分03秒  30212716  35595764     54.09        40   4453844  40602136     61.70  30280872   3281308       240</span><br></pre></td></tr></table></figure>
<p><code>kbmemfree</code>: 可用内存, 不含buffer/cache   <code>kbmemused</code>: 已用内存, 包含buffer/cache<br><code>%memused</code>: kbmemused占总内存百分比<br><code>kbbuffers</code>: buffer空间大小  <code>kbcached</code>:cache空间大小<br><code>kbcommit</code>: 为了确保不溢出而需要的内存(RAM + swap)  <code>%commit</code>: kbcommit占比<br><code>kbactive</code>: 最近使用的不被回收的   <code>kbinact</code>: 不经常使用的容易被回收  <code>kbdirty</code>: 赃页,等待写入磁盘</p>
<h4 id="CPU负载"><a href="#CPU负载" class="headerlink" title="CPU负载"></a>CPU负载</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -q 1 3</span><br><span class="line">15时49分19秒   runq-sz  plist-sz   ldavg-1   ldavg-5  ldavg-15   blocked</span><br><span class="line">15时49分20秒         0       832      0.00      0.01      0.05         0</span><br></pre></td></tr></table></figure>
<p><code>runq-sz</code>:  运行队列长度, 即等待运行的进程数<br><code>plist-sz</code>:  进程列表中进程和线程的数量<br><code>ldavg-1</code> <code>ldavg-5</code> <code>ldavg-15</code> :  过去1/5/15分钟系统的平均负载<br><code>blocked</code>: 正在等待io的任务数量</p>
<h4 id="内存页状态"><a href="#内存页状态" class="headerlink" title="内存页状态"></a>内存页状态</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -B 1 3</span><br><span class="line">15时33分35秒  pgpgin/s pgpgout/s   fault/s  majflt/s  pgfree/s pgscank/s pgscand/s pgsteal/s    %vmeff</span><br><span class="line">15时33分36秒      0.00     18.00     31.00      0.00     82.00      0.00      0.00      0.00      0.00</span><br></pre></td></tr></table></figure>
<p><code>pgpgin/s</code> <code>pgpgout/s</code> : 每秒从磁盘换入/出到内存的字节数(KB)<br><code>fault/s</code>: 每秒系统产生的缺页数, 即major+minor;  <code>majflt/s</code>: 每秒产生的主缺页数<br><code>pgfree/s</code>: 每秒被放入空闲队列的页个数  <code>pgscank/s</code>: 每秒被kswapd扫描的页数<br><code>pgscand/s</code>: 每秒直接被扫描的   <code>pgsteal/s</code>: 每秒从cache中被清除用来满足内存需要的页数<br><code>%vmeff</code>: 每秒清除的页(pgsteal)占总扫描页(pgscank+pgscand)</p>
<h4 id="swap信息"><a href="#swap信息" class="headerlink" title="swap信息"></a>swap信息</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -W 1 3</span><br><span class="line">15时53分10秒  pswpin/s pswpout/s</span><br><span class="line">15时53分11秒      0.00      0.00</span><br></pre></td></tr></table></figure>
<p><code>pswpin/s</code> <code>pswpout/s</code> : 每秒换入/出的交换页面(swap page)数量</p>
<h4 id="IO和传输速率"><a href="#IO和传输速率" class="headerlink" title="IO和传输速率"></a>IO和传输速率</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -b 1 3</span><br><span class="line">15时37分39秒       tps      rtps      wtps   bread/s   bwrtn/s</span><br><span class="line">15时37分40秒      2.00      0.00      2.00      0.00     16.00</span><br></pre></td></tr></table></figure>
<p><code>tps</code>: 每秒物理设备的IO请求总数<br><code>rtps</code> <code>wtps</code>: 每秒读/写物理设备的io请求数<br><code>bread/s</code> <code>bwrtn/s</code>: 每秒读写物理设备的数据量, 单位: 块/s, 这里的块等于扇区, 所有大小为512Bytes</p>
<p>文件系统的块大小可以通过<code>blockdev --getbsz /dev/vda</code>或者 <code>stat -f /dev/vda</code> 查看(块是文件系统里的概念, 扇区(<code>fdisk- l</code>)是磁盘里的概念, 一般块是扇区的2^n倍)</p>
<h4 id="块设备信息"><a href="#块设备信息" class="headerlink" title="块设备信息"></a>块设备信息</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -d 1 3</span><br><span class="line">平均时间:       DEV       tps  rd_sec/s  wr_sec/s  avgrq-sz  avgqu-sz     await     svctm     %util</span><br><span class="line">平均时间:  dev253-0      0.67      0.00     13.33     20.00      0.00      0.50      0.50      0.03</span><br></pre></td></tr></table></figure>
<p><code>tps</code>: 每秒请求物理磁盘的次数, 多个逻辑请求会被合并成1个io请求, 一次传输的大小是不确定的<br><code>rd_sec/s</code> <code>wr_sec/s</code> : 每秒读写的扇区数量, <strong>扇区大小512Bytes</strong><br><code>avgrq-sz</code> : 平均每次io请求的扇区大小<br><code>avgqu-sz</code> : 磁盘请求队列的平均长度<br><code>await</code>: 从请求磁盘操作到系统完成处理, 每次请求的平均消耗时间(毫秒), 包括请求队列等待时间<br><code>svctm</code> : 系统处理每次请求的平均时间(毫秒), 不包括在请求队列中消耗的时间<br><code>%util</code>:  I/O请求占CPU的百分比, 比率越大, 说明设备带宽使用率越高</p>
<h4 id="网卡流量"><a href="#网卡流量" class="headerlink" title="网卡流量"></a>网卡流量</h4><p><code>-n</code>参数有6个开关:</p>
<ul>
<li>DEV显示网络接口信息。</li>
<li>EDEV显示关于网络错误的统计数据。</li>
<li>NFS统计活动的NFS客户端的信息。</li>
<li>NFSD统计NFS服务器的信息</li>
<li>SOCK显示套接字信息</li>
<li>ALL显示所有5个开关</li>
</ul>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n DEV 1 2</span><br><span class="line">16时08分55秒     IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s</span><br><span class="line">16时08分56秒      eth0     88.00    683.00      5.67   1008.74      0.00      0.00      0.00</span><br><span class="line"></span><br><span class="line"><span class="comment"># 查看xx日的网卡流量历史</span></span><br><span class="line">$ sar -n DEV -f /var/<span class="built_in">log</span>/sa/saxx</span><br></pre></td></tr></table></figure>
<p><code>IFACE</code> ：LAN接口<br><code>rxpck/s</code>  <code>txpck/s</code> ：每秒钟接收/发送的数据包<br><code>rxkB/s</code> <code>txkB/s</code>：每秒钟接收/发送的字节数 千字节/s<br><code>rxcmp/s</code> <code>txcmp/s</code> ：每秒钟接收/发送的压缩数据包<br><code>rxmcst/s</code> ：每秒钟接收的多播数据包</p>
<h4 id="统计网络设备通信失败信息"><a href="#统计网络设备通信失败信息" class="headerlink" title="统计网络设备通信失败信息"></a>统计网络设备通信失败信息</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n EDEV  1 3</span><br><span class="line">17时04分54秒     IFACE   rxerr/s   txerr/s    coll/s  rxdrop/s  txdrop/s  txcarr/s  rxfram/s  rxfifo/s  txfifo/s</span><br><span class="line">17时04分55秒 enp95s0f0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00</span><br><span class="line">17时04分55秒      eno1      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00</span><br></pre></td></tr></table></figure>
<p>结果</p>
<p><code>rxerr/s</code>   <code>txerr/s</code>  ：每秒钟接收/发送的坏数据包：每秒钟的坏数据包<br><code>coll/s</code> ：每秒冲突数<br><code>rxdrop/s</code>   <code>txdrop/s</code>  ：因为缓冲充满，每秒钟丢弃的已接收/发送数据包数<br><code>txcarr/s</code> ：发送数据包时，每秒载波错误数\<br><code>rxfram/s</code> ：每秒接收数据包的帧对齐错误数<br><code>rxfifo/s</code>   <code>txfifo/s</code> ：接收/发送的数据包每秒FIFO过速的错误数</p>
<h4 id="IP层统计"><a href="#IP层统计" class="headerlink" title="IP层统计"></a>IP层统计</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n IP 1 3</span><br><span class="line">17时20分06秒    irec/s  fwddgm/s    idel/s     orq/s   asmrq/s   asmok/s  fragok/s fragcrt/s</span><br><span class="line">17时20分07秒     25.00      0.00     25.00     24.00      0.00      0.00      0.00      0.00</span><br></pre></td></tr></table></figure>
<h4 id="IP层错误统计"><a href="#IP层错误统计" class="headerlink" title="IP层错误统计"></a>IP层错误统计</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n EIP 1 3</span><br><span class="line">17时21分01秒 ihdrerr/s iadrerr/s iukwnpr/s   idisc/s   odisc/s   onort/s    asmf/s   fragf/s</span><br><span class="line">17时21分02秒      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00</span><br></pre></td></tr></table></figure>
<h4 id="TCP连接信息"><a href="#TCP连接信息" class="headerlink" title="TCP连接信息"></a>TCP连接信息</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n TCP 1 3</span><br><span class="line">17时16分00秒  active/s passive/s    iseg/s    oseg/s</span><br><span class="line">17时16分01秒      3.00      1.00     37.00     45.00</span><br></pre></td></tr></table></figure>
<p><code>active/s</code> : 新的主动连接   <code>passive/s</code> : 新的被动连接<br><code>iseg/s</code> : 接受的段   <code>oseg/s</code> : 输出的段</p>
<h4 id="TCP层错误统计"><a href="#TCP层错误统计" class="headerlink" title="TCP层错误统计"></a>TCP层错误统计</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n ETCP 1 3</span><br><span class="line">16时17分04秒  atmptf/s  estres/s retrans/s isegerr/s   orsts/s</span><br><span class="line">16时17分05秒      0.00      0.00      0.00      0.00      1.00</span><br><span class="line"></span><br><span class="line"><span class="comment"># 可以结合使用</span></span><br><span class="line">$ sar -n DEV -n ETCP</span><br></pre></td></tr></table></figure>
<p><code>atmptf/s</code> : 每秒重试失败数      <code>estres/s</code> : 每秒断开连接数 </p>
<p><code>retrans/s</code> : 每秒重传数         <code>isegerr/s</code> :  每秒错误数       <code>orsts/s</code> : 每秒RST数</p>
<h4 id="socket连接信息"><a href="#socket连接信息" class="headerlink" title="socket连接信息"></a>socket连接信息</h4><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">$ sar -n SOCK 1 3</span><br><span class="line">17时11分06秒    totsck    tcpsck    udpsck    rawsck   ip-frag    tcp-tw</span><br><span class="line">17时11分07秒      2312       701         3         0         0        38</span><br></pre></td></tr></table></figure>
<p><code>totsck</code> : 当前被使用的socket总数<br><code>tcpsck</code> : 当前正在被使用的TCP的socket总数<br><code>udpsck</code> :  当前正在被使用的UDP的socket总数<br><code>rawsck</code> : 当前正在被使用于RAW的skcket总数<br><code>if-frag</code>  : 当前的IP分片的数目<br><code>tcp-tw</code> : TCP套接字中处于TIME-WAIT状态的连接数量</p>
<h3 id="pstack-跟踪进程堆栈"><a href="#pstack-跟踪进程堆栈" class="headerlink" title="pstack 跟踪进程堆栈"></a>pstack 跟踪进程堆栈</h3><p>pstack 命令必须由相应进程的属主或 root 运行, 可以使用 pstack 来确定进程挂起的位置, 可以在一段时间内，多执行几次pstack，若发现代码栈总是停在同一个位置，那个位置就需要重点关注，很可能就是出问题的地方</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line">$ pstack 4846</span><br><span class="line">Thread 72 (Thread 0x2b3304708700 (LWP 4849)):</span><br><span class="line"><span class="comment">#0  0x00002b330487b965 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0</span></span><br><span class="line"><span class="comment">#1  0x00002b3305b89ec3 in os::PlatformEvent::park() () from /iflytek/server/jdk1.8.0_71/jre/lib/amd64/server/libjvm.so</span></span><br><span class="line"><span class="comment">#2  0x00002b3305b4abb7 in Monitor::IWait(Thread*, long) () from /iflytek/server/jdk1.8.0_71/jre/lib/amd64/server/libjvm.so</span></span><br><span class="line"><span class="comment">#3  0x00002b3305b4b380 in Monitor::wait(bool, long, bool) () from /iflytek/server/jdk1.8.0_71/jre/lib/amd64/server/libjvm.so</span></span><br><span class="line"><span class="comment">#4  0x00002b3305cdcb11 in Threads::destroy_vm() () from /iflytek/server/jdk1.8.0_71/jre/lib/amd64/server/libjvm.so</span></span><br><span class="line"><span class="comment">#5  0x00002b330593d421 in jni_DestroyJavaVM () from /iflytek/server/jdk1.8.0_71/jre/lib/amd64/server/libjvm.so</span></span><br><span class="line"><span class="comment">#6  0x00002b3304a9363d in JavaMain () from /iflytek/server/jdk1.8.0_71/bin/../lib/amd64/jli/libjli.so</span></span><br><span class="line"><span class="comment">#7  0x00002b3304877dd5 in start_thread () from /lib64/libpthread.so.0</span></span><br><span class="line"><span class="comment">#8  0x00002b3304fa402d in clone () from /lib64/libc.so.6</span></span><br><span class="line">Thread 71 (Thread 0x2b3304809700 (LWP 4850)):</span><br><span class="line">...</span><br></pre></td></tr></table></figure>
<h3 id="strace-跟踪进程的系统调用"><a href="#strace-跟踪进程的系统调用" class="headerlink" title="strace 跟踪进程的系统调用"></a>strace 跟踪进程的系统调用</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br></pre></td><td class="code"><pre><span class="line">$ strace cat /dev/null</span><br><span class="line">execve(<span class="string">"/bin/cat"</span>, [<span class="string">"cat"</span>, <span class="string">"/dev/null"</span>], [/* 32 vars */]) = 0</span><br><span class="line">brk(0)                                  = 0x1d92000</span><br><span class="line">mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0893333000</span><br><span class="line">access(<span class="string">"/etc/ld.so.preload"</span>, R_OK)      = -1 ENOENT (No such file or directory)</span><br><span class="line">...</span><br><span class="line"></span><br><span class="line"><span class="comment"># 跟踪可执行程序 -f -F: 同时跟踪fork和vfork出来的进程, -o: 把输出写入文件</span></span><br><span class="line">strace -f -F -o straceout.txt mysql</span><br><span class="line"></span><br><span class="line"><span class="comment"># 跟踪指定进程的所有系统调用 并统计耗时 以及开始时间</span></span><br><span class="line">strace -o straceout.txt -T -tt -e trace=all -p 1234</span><br></pre></td></tr></table></figure>
<h3 id="free-查询可用内存"><a href="#free-查询可用内存" class="headerlink" title="free 查询可用内存"></a>free 查询可用内存</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">free -h</span><br><span class="line"><span class="comment"># -b -k -m -g : 以byte, KB, MB, GB为单位</span></span><br><span class="line">free    </span><br><span class="line"><span class="comment">#              total       used       free     shared    buffers      cached</span></span><br><span class="line"><span class="comment"># Mem:        516372     293056     223316        152      75256     160428</span></span><br><span class="line"><span class="comment"># -/+ buffers/cache:      57372     459000</span></span><br><span class="line"><span class="comment"># Swap:       135164          0     135164</span></span><br><span class="line"><span class="comment"># total :总计物理内存,  used :已使用  free:可使用  shared :多个进程共享的  buffers/cached :磁盘缓存的大小</span></span><br><span class="line"><span class="comment"># swap :交换分区, 即虚拟缓存</span></span><br><span class="line">free -s 10  <span class="comment"># 每10秒刷新一次</span></span><br></pre></td></tr></table></figure>
<h3 id="fdisk-磁盘列表"><a href="#fdisk-磁盘列表" class="headerlink" title="fdisk 磁盘列表"></a>fdisk 磁盘列表</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br></pre></td><td class="code"><pre><span class="line">$ fdisk -l</span><br><span class="line">磁盘 /dev/sda：239.5 GB, 239511535616 字节，467795968 个扇区</span><br><span class="line">Units = 扇区 of 1 * 512 = 512 bytes</span><br><span class="line">扇区大小(逻辑/物理)：512 字节 / 4096 字节</span><br><span class="line">I/O 大小(最小/最佳)：65536 字节 / 65536 字节</span><br><span class="line">磁盘标签类型：dos</span><br><span class="line">磁盘标识符：0x0004b739</span><br><span class="line"></span><br><span class="line">   设备 Boot      Start         End      Blocks   Id  System</span><br><span class="line">/dev/sda1   *        2048     1026047      512000   83  Linux</span><br><span class="line">/dev/sda2         1026048   467795967   233384960   83  Linux</span><br><span class="line"></span><br><span class="line">磁盘 /dev/sdb：8001.0 GB, 8001020755968 字节，15626993664 个扇区</span><br><span class="line">Units = 扇区 of 1 * 512 = 512 bytes</span><br><span class="line">扇区大小(逻辑/物理)：512 字节 / 4096 字节</span><br><span class="line">I/O 大小(最小/最佳)：65536 字节 / 65536 字节</span><br><span class="line">磁盘标签类型：dos</span><br><span class="line">磁盘标识符：0x7356a9d5</span><br><span class="line"></span><br><span class="line">   设备 Boot      Start         End      Blocks   Id  System</span><br><span class="line">/dev/sdb1            2048  4294967294  2147482623+  83  Linux</span><br></pre></td></tr></table></figure>
<h3 id="df-查询磁盘可用空间"><a href="#df-查询磁盘可用空间" class="headerlink" title="df  查询磁盘可用空间"></a>df  查询磁盘可用空间</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line">$ df -lh</span><br><span class="line">Filesystem      Size  Used Avail Use% Mounted on</span><br><span class="line">/dev/vda1       237G  7.9G  219G    4% /</span><br><span class="line">devtmpfs         48G     0   48G    0% /dev</span><br><span class="line">tmpfs            48G     0   48G    0% /dev/shm</span><br><span class="line">tmpfs            48G  788K   48G    1% /run</span><br><span class="line">tmpfs            48G     0   48G    0% /sys/fs/cgroup</span><br><span class="line">tmpfs           9.5G     0  9.5G    0% /run/user/0</span><br><span class="line">/dev/vdb1       2.9T  4.0G  2.8T    1% /iflytek</span><br><span class="line"></span><br><span class="line"><span class="comment"># 第一列代表文件系统对应的设备文件的路径名, 一般是分区, 第二列表示分区包含的数据块(1024字节)数目, 第3, 4列表示已用 和 可用空间. 第3, 4列加一起不等于第二列是因为每个分区保留了少量空间给管理员使用. 最后一列是挂载点.</span></span><br><span class="line"></span><br><span class="line">df -t ext3      <span class="comment"># 指定类型的磁盘</span></span><br><span class="line">df -T       <span class="comment"># 列出文件系统的类型</span></span><br></pre></td></tr></table></figure>
<h3 id="du-磁盘使用统计"><a href="#du-磁盘使用统计" class="headerlink" title="du 磁盘使用统计"></a>du 磁盘使用统计</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># 统计当前目录下各文件/目录占用磁盘大小</span></span><br><span class="line">$ du -sh *</span><br><span class="line">11M	fastdfs-5.08</span><br><span class="line">146M	ffmpeg-4.1.4-amd64-static</span><br><span class="line">339M	jdk1.8.0_71</span><br></pre></td></tr></table></figure>
<h3 id="iftop-带宽使用监控"><a href="#iftop-带宽使用监控" class="headerlink" title="iftop 带宽使用监控"></a>iftop 带宽使用监控</h3><h3 id="mtr-网络测试工具"><a href="#mtr-网络测试工具" class="headerlink" title="mtr 网络测试工具"></a>mtr 网络测试工具</h3><p>mtr（My traceroute）几乎是所有Linux发行版本预装的网络测试工具，集成了<code>tracert</code>与<code>ping</code>这两个命令的图形界面，功能十分强大。<code>ping</code>送出封包到指定的服务器。如果服务器有回应就会传送回封包，并附带返回封包来回的时间。<code>tracert</code>返回从用户的电脑到指定的服务器中间经过的所有节点（路由）以及每个节点的回应速度。</p>
<p>mtr默认发送ICMP数据包进行链路探测，通过“-u”参数指定UDP数据包用于探测。相对于traceroute只做一次链路跟踪测试，mtr会对链路上的相关节点做持续探测并给出相应的统计信息。mtr能避免节点波动对测试结果的影响，所以其测试结果更正确，建议优先使用。</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br></pre></td><td class="code"><pre><span class="line">jcy-dev (0.0.0.0)                                         Fri Feb 26 09:48:16 2021</span><br><span class="line">Keys:  Help   Display mode   Restart statistics   Order of fields   quit</span><br><span class="line">                                          Packets               Pings</span><br><span class="line"> Host                                   Loss%   Snt   Last   Avg  Best  Wrst StDev</span><br><span class="line"> 1. 172.31.46.1                          0.0%    18    0.9   0.9   0.7   2.2   0.0</span><br><span class="line"> 2. 10.253.13.65                         0.0%    18    0.8   0.7   0.6   0.9   0.0</span><br><span class="line"> 3. 10.253.13.70                         0.0%    18    1.0   0.9   0.8   1.1   0.0</span><br><span class="line"> 4. 100.65.0.9                           0.0%    18    0.4   0.4   0.3   0.5   0.0</span><br><span class="line"> 5. 36.7.109.2                           0.0%    18    1.3   1.3   1.0   2.4   0.2</span><br><span class="line"> 6. 100.64.23.1                          0.0%    18    0.8   1.6   0.7  11.4   2.4</span><br><span class="line"> 7. 10.12.0.161                          0.0%    18    2.0   1.7   1.3   2.1   0.0</span><br><span class="line"> 8. DZL-CORE-S-GE2-1.MAN.HF.AH.CN        0.0%    18    1.2   1.2   1.1   1.7   0.0</span><br><span class="line"> 9. 202.102.207.101                      0.0%    17    8.6   4.4   1.3  12.8   3.9</span><br><span class="line">10. 202.97.100.1                         0.0%    17    8.6   8.4   8.3   9.0   0.0</span><br><span class="line">11. 101.95.218.246                      81.2%    17   10.9   9.7   9.0  10.9   1.0</span><br><span class="line">12. 101.95.209.70                        0.0%    17    9.8   9.8   9.3  13.3   0.8</span><br><span class="line">13. 180.163.38.30                        0.0%    17    9.2  10.0   9.0  17.4   2.1</span><br><span class="line">14. 42.120.241.42                        0.0%    17   11.5  11.5   9.5  35.9   6.3</span><br><span class="line">15. 116.251.116.97                       0.0%    17   10.9  16.5  10.8  41.6   8.7</span><br><span class="line">16. ???</span><br><span class="line">17. ???</span><br><span class="line">18. public1.alidns.com                   0.0%    17   10.0  10.1  10.0  10.3   0.0</span><br></pre></td></tr></table></figure>
<h4 id="常见可选参数说明"><a href="#常见可选参数说明" class="headerlink" title="常见可选参数说明"></a>常见可选参数说明</h4><ul>
<li>-r或–report：以报告模式显示输出。</li>
<li>-p或–split：将每次追踪的结果分别列出来，而非–report统计整个结果。</li>
<li>-s或–psize：指定ping数据包的大小。</li>
<li>-n或–no-dns：不对IP地址做域名反解析。</li>
<li>-a或–address：设置发送数据包的IP地址。用于主机有多个IP的情况。</li>
<li>-4：只使用IPv4协议。</li>
<li>-6：只使用IPv6协议。</li>
</ul>
<p>在mtr运行过程中，您也可以输入相应字母来快速切换模式，各字母的含义如下。</p>
<ul>
<li>?或h：显示帮助菜单。</li>
<li>d：切换显示模式。</li>
<li>n：切换启用或禁用DNS域名解析。</li>
<li>u：切换使用ICMP或UDP数据包进行探测。</li>
</ul>
<h4 id="返回结果说明"><a href="#返回结果说明" class="headerlink" title="返回结果说明"></a>返回结果说明</h4><p>默认配置下，返回结果中各数据列的说明如下。</p>
<ul>
<li>第一列（Host）：节点IP地址和域名。按 <strong>n</strong> 键可切换显示。</li>
<li>第二列（Loss%）：节点丢包率。</li>
<li>第三列（Snt）：每秒发送数据包数。默认值是10，可以通过“-c”参数指定。</li>
<li>第四列（Last）：最近一次的探测延迟。</li>
<li>第五、六、七列（Avg、Best、Worst）：分别是探测延迟的平均值、最小值和最大值。</li>
<li>第八列（StDev）：标准偏差。越大说明相应节点越不稳定。</li>
</ul>
<h4 id="分析链路测试结果"><a href="#分析链路测试结果" class="headerlink" title="分析链路测试结果"></a>分析链路测试结果</h4><ul>
<li><p>结合Avg（平均值）和StDev（标准偏差），判断各节点是否存在异常。</p>
<ul>
<li><p>若StDev很高，则同步观察相应节点的Best和Worst，来判断相应节点是否存在异常。</p>
</li>
<li><p>若StDev不高，则通过Avg来判断相应节点是否存在异常。</p>
<blockquote>
<p><strong>注意</strong>：上述StDev高或者不高，并没有具体的时间范围标准。而需要根据同一节点其它列的延迟值大小来进行相对评估。比如，如果Avg为30ms，那么，当StDev为25ms，则认为是很高的偏差。而如果Avg为325ms，则同样的StDev为25ms，反而认为是不高的偏差。</p>
</blockquote>
</li>
</ul>
</li>
<li><p>查看节点丢包率，若“Loss%”不为零，则说明这一跳路由的网络可能存在问题。导致节点丢包的原因通常有两种。</p>
<ul>
<li>人为限制了节点的ICMP发送速率，导致丢包。</li>
<li>节点确实存在异常，导致丢包。</li>
</ul>
</li>
<li><p>确定当前异常节点的丢包原因。</p>
<ul>
<li><p>若随后节点均没有丢包，说明当前节点丢包是由于运营商策略限制所致，可以忽略。如前文链路测试结果示例图中的第2跳路由的网络所示。</p>
</li>
<li><p>若随后节点也出现丢包，说明当前节点存在网络异常，导致丢包。如前文链路测试结果示例图中的第5跳路由的网络所示。</p>
<blockquote>
<p><strong>说明</strong>：前述两种情况可能同时发生，即相应节点既存在策略限速，又存在网络异常。对于这种情况，若当前节点及其后续节点连续出现丢包，而且各节点的丢包率不同，则通常以最后几跳路由的网络的丢包率为准。</p>
</blockquote>
</li>
</ul>
</li>
<li><p>通过查看是否有明显的延迟，来确认节点是否存在异常。通过如下两个方面进行分析。</p>
<ul>
<li><p>若某一跳路由的网络之后延迟明显陡增，则通常判断该节点存在网络异常。如前文链路测试结果示例图所示，从第5跳路由的网络之后的后续节点延迟明显陡增，则推断是第5跳路由的网络节点出现了网络异常。</p>
<blockquote>
<p> 注：高延迟并不一定完全意味着相应节点存在异常，延迟大也有可能是在数据回包链路中引发的，建议结合反向链路测试一并分析。</p>
</blockquote>
</li>
<li><p>ICMP策略限速也可能会导致相应节点的延迟陡增，但后续节点通常会恢复正常。</p>
</li>
</ul>
</li>
</ul>
<p><a href="https://linuxtools-rst.readthedocs.io/zh_CN/latest/index.html" target="_blank" rel="noopener">Linux工具快速教程</a></p>
<p><a href="https://www.cnblogs.com/tssc/p/11041464.html" target="_blank" rel="noopener">CentOS7.5 系统最小化安装与初始化配置</a></p>

      
    </div>

    

    
    
    

    

    

    
      <div>
        <ul class="post-copyright">
  <li class="post-copyright-author">
    <strong>本文作者： </strong>Tonny Yi</li>
  <li class="post-copyright-link">
    <strong>本文链接：</strong>
    <a href="http://codertang.com/2018/03/08/linux-commands/" title="Linux常用命令">http://codertang.com/2018/03/08/linux-commands/</a>
  </li>
  <li class="post-copyright-license">
    <strong>版权声明： </strong>本博客所有文章除特别声明外，均采用 <a href="https://creativecommons.org/licenses/by-nc/4.0/" rel="external nofollow" target="_blank">CC BY-NC 4.0</a> 许可协议。转载请注明出处！</li>
</ul>

      </div>
    

    <footer class="post-footer">
      
        <div class="post-tags">
          
            <a href="/tags/linux/" rel="tag"># linux</a>
          
            <a href="/tags/命令/" rel="tag"># 命令</a>
          
        </div>
      

      
      
      

      
        <div class="post-nav">
          <div class="post-nav-next post-nav-item">
            
              <a href="/2018/03/01/spring-startup/" rel="next" title="Spring启动过程分析">
                <i class="fa fa-chevron-left"></i> Spring启动过程分析
              </a>
            
          </div>

          <span class="post-nav-divider"></span>

          <div class="post-nav-prev post-nav-item">
            
              <a href="/2018/03/30/maven/" rel="prev" title="maven">
                maven <i class="fa fa-chevron-right"></i>
              </a>
            
          </div>
        </div>
      

      
      
    </footer>
  </div>
  
  
  
  </article>



    <div class="post-spread">
      
    </div>
  </div>


          </div>
          

  



        </div>
        
          
  
  <div class="sidebar-toggle">
    <div class="sidebar-toggle-line-wrap">
      <span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
      <span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
      <span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
    </div>
  </div>

  <aside id="sidebar" class="sidebar">
    
    <div class="sidebar-inner">

      

      
        <ul class="sidebar-nav motion-element">
          <li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">
            文章目录
          </li>
          <li class="sidebar-nav-overview" data-target="site-overview-wrap">
            站点概览
          </li>
        </ul>
      

      <section class="site-overview-wrap sidebar-panel">
        <div class="site-overview">
          <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
            
              <img class="site-author-image" itemprop="image" src="/images/avatar.png" alt="Tonny Yi">
            
              <p class="site-author-name" itemprop="name">Tonny Yi</p>
              <p class="site-description motion-element" itemprop="description">Coding, Life, Zen</p>
          </div>

          
            <nav class="site-state motion-element">
              
                <div class="site-state-item site-state-posts">
                
                  <a href="/archives/">
                
                    <span class="site-state-item-count">49</span>
                    <span class="site-state-item-name">日志</span>
                  </a>
                </div>
              

              
                
                
                <div class="site-state-item site-state-categories">
                  <a href="/categories/index.html">
                    
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                    <span class="site-state-item-count">42</span>
                    <span class="site-state-item-name">分类</span>
                  </a>
                </div>
              

              
                
                
                <div class="site-state-item site-state-tags">
                  <a href="/tags/index.html">
                    
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                      
                    
                    <span class="site-state-item-count">59</span>
                    <span class="site-state-item-name">标签</span>
                  </a>
                </div>
              
            </nav>
          

          

          
            <div class="links-of-author motion-element">
              
                <span class="links-of-author-item">
                  <a href="https://github.com/tonnyyi" target="_blank" title="GitHub"><i class="fa fa-fw fa-github"></i>GitHub</a>
                  
                </span>
              
                <span class="links-of-author-item">
                  <a href="mailto:tonnyemails@gmail.com" target="_blank" title="E-Mail"><i class="fa fa-fw fa-envelope"></i>E-Mail</a>
                  
                </span>
              
            </div>
          

          
          
            <div class="cc-license motion-element" itemprop="license">
              <a href="https://creativecommons.org/licenses/by-nc/4.0/" class="cc-opacity" target="_blank">
                <img src="/images/cc-by-nc.svg" alt="Creative Commons">
              </a>
            </div>
          

          
          

          
            
          
          

        </div>
      </section>

      
      <!--noindex-->
        <section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active">
          <div class="post-toc">

            
              
            

            
              <div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-2"><a class="nav-link" href="#文件-目录"><span class="nav-number">1.</span> <span class="nav-text">文件/目录</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#ls-文件列表"><span class="nav-number">1.1.</span> <span class="nav-text">ls 文件列表</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#mkdir-建目录"><span class="nav-number">1.2.</span> <span class="nav-text">mkdir 建目录</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#rm-删除"><span class="nav-number">1.3.</span> <span class="nav-text">rm  删除</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#cp-复制"><span class="nav-number">1.4.</span> <span class="nav-text">cp  复制</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#mv-移动"><span class="nav-number">1.5.</span> <span class="nav-text">mv 移动</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#chmod-改权限"><span class="nav-number">1.6.</span> <span class="nav-text">chmod  改权限</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#chown-改所属"><span class="nav-number">1.7.</span> <span class="nav-text">chown  改所属</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#find-查找"><span class="nav-number">1.8.</span> <span class="nav-text">find  查找</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#locate"><span class="nav-number">1.9.</span> <span class="nav-text">locate</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#which"><span class="nav-number">1.10.</span> <span class="nav-text">which</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#whereis"><span class="nav-number">1.11.</span> <span class="nav-text">whereis</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#type"><span class="nav-number">1.12.</span> <span class="nav-text">type</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#sort"><span class="nav-number">1.13.</span> <span class="nav-text">sort</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#uniq"><span class="nav-number">1.14.</span> <span class="nav-text">uniq</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#wc"><span class="nav-number">2.</span> <span class="nav-text">wc</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#realpath"><span class="nav-number">2.1.</span> <span class="nav-text">realpath</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#readlink"><span class="nav-number">2.2.</span> <span class="nav-text">readlink</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#文件内容"><span class="nav-number">3.</span> <span class="nav-text">文件内容</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#cat-读取内容"><span class="nav-number">3.1.</span> <span class="nav-text">cat  读取内容</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#grep-过滤"><span class="nav-number">3.2.</span> <span class="nav-text">grep 过滤</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#tar-压缩包"><span class="nav-number">3.3.</span> <span class="nav-text">tar 压缩包</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#tail-head-头尾"><span class="nav-number">3.4.</span> <span class="nav-text">tail/head 头尾</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#less-more-分段浏览"><span class="nav-number">3.5.</span> <span class="nav-text">less/more 分段浏览</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#cut切分"><span class="nav-number">3.6.</span> <span class="nav-text">cut切分</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#sed-基于正则的流处理器"><span class="nav-number">3.7.</span> <span class="nav-text">sed 基于正则的流处理器</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#打印-p参数"><span class="nav-number">3.7.0.1.</span> <span class="nav-text">打印   p参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#文本替换-s参数"><span class="nav-number">3.7.0.2.</span> <span class="nav-text">文本替换  s参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#地址表示法"><span class="nav-number">3.7.0.3.</span> <span class="nav-text">地址表示法</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#在行前插入一行-i参数"><span class="nav-number">3.7.0.4.</span> <span class="nav-text">在行前插入一行   i参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#在行后插入一行-a参数"><span class="nav-number">3.7.0.5.</span> <span class="nav-text">在行后插入一行   a参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#替换匹配行-c参数"><span class="nav-number">3.7.0.6.</span> <span class="nav-text">替换匹配行    c参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#删除匹配行-d参数"><span class="nav-number">3.7.0.7.</span> <span class="nav-text">删除匹配行   d参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#命令打包"><span class="nav-number">3.7.0.8.</span> <span class="nav-text">命令打包</span></a></li></ol></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#awk-格式化流处理器"><span class="nav-number">3.8.</span> <span class="nav-text">awk 格式化流处理器</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#过滤记录"><span class="nav-number">3.8.0.1.</span> <span class="nav-text">过滤记录</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#内建变量"><span class="nav-number">3.8.0.2.</span> <span class="nav-text">内建变量</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#指定分隔符"><span class="nav-number">3.8.0.3.</span> <span class="nav-text">指定分隔符</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#字符串匹配"><span class="nav-number">3.8.0.4.</span> <span class="nav-text">字符串匹配</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#拆分文件"><span class="nav-number">3.8.0.5.</span> <span class="nav-text">拆分文件</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#统计"><span class="nav-number">3.8.0.6.</span> <span class="nav-text">统计</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#awk脚本"><span class="nav-number">3.8.0.7.</span> <span class="nav-text">awk脚本</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#环境变量"><span class="nav-number">3.8.0.8.</span> <span class="nav-text">环境变量</span></a></li></ol></li></ol><li class="nav-item nav-level-2"><a class="nav-link" href="#系统信息"><span class="nav-number">4.</span> <span class="nav-text">系统信息</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#uname"><span class="nav-number">4.1.</span> <span class="nav-text">uname</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#passwd"><span class="nav-number">4.2.</span> <span class="nav-text">passwd</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#top-任务管理器"><span class="nav-number">4.3.</span> <span class="nav-text">top 任务管理器</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#查看线程"><span class="nav-number">4.3.1.</span> <span class="nav-text">查看线程</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#交互操作"><span class="nav-number">4.3.2.</span> <span class="nav-text">交互操作</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#ps-查看进程"><span class="nav-number">4.4.</span> <span class="nav-text">ps  查看进程</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#网络"><span class="nav-number">5.</span> <span class="nav-text">网络</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#iptables-防火墙"><span class="nav-number">5.1.</span> <span class="nav-text">iptables 防火墙</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#实例"><span class="nav-number">5.1.1.</span> <span class="nav-text">实例</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#firewalld"><span class="nav-number">5.2.</span> <span class="nav-text">firewalld</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#ping-测试网络通断与延迟"><span class="nav-number">5.3.</span> <span class="nav-text">ping 测试网络通断与延迟</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#tcpping"><span class="nav-number">5.4.</span> <span class="nav-text">tcpping</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#ifconfig-网络管理"><span class="nav-number">5.5.</span> <span class="nav-text">ifconfig  网络管理</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#nmcli-网络管理"><span class="nav-number">5.6.</span> <span class="nav-text">nmcli 网络管理</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#IP-网络配置"><span class="nav-number">5.7.</span> <span class="nav-text">IP 网络配置</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#netstat"><span class="nav-number">5.8.</span> <span class="nav-text">netstat</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#ss-网络"><span class="nav-number">5.9.</span> <span class="nav-text">ss - 网络</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#lsof-一切皆文件"><span class="nav-number">5.10.</span> <span class="nav-text">lsof 一切皆文件</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#sftp"><span class="nav-number">5.11.</span> <span class="nav-text">sftp</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#文件传输"><span class="nav-number">5.11.1.</span> <span class="nav-text">文件传输</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#ethtool-网卡信息查看"><span class="nav-number">5.12.</span> <span class="nav-text">ethtool 网卡信息查看</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#nslookup-查询DNS记录"><span class="nav-number">5.13.</span> <span class="nav-text">nslookup 查询DNS记录</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#dig-查询DNS解析过程"><span class="nav-number">5.14.</span> <span class="nav-text">dig 查询DNS解析过程</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#tcpdump-抓包"><span class="nav-number">5.15.</span> <span class="nav-text">tcpdump 抓包</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#常见的-TCP-报文的-Flags"><span class="nav-number">5.15.0.1.</span> <span class="nav-text">常见的 TCP 报文的 Flags:</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#设置不解析域名提示速度"><span class="nav-number">5.15.0.2.</span> <span class="nav-text">设置不解析域名提示速度</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#控制详细内容的输出"><span class="nav-number">5.15.0.3.</span> <span class="nav-text">控制详细内容的输出</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#控制时间的显示"><span class="nav-number">5.15.0.4.</span> <span class="nav-text">控制时间的显示</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#显示数据包的头部"><span class="nav-number">5.15.0.5.</span> <span class="nav-text">显示数据包的头部</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#对输出内容进行控制的参数"><span class="nav-number">5.15.0.6.</span> <span class="nav-text">对输出内容进行控制的参数</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#过滤特定流向的数据包"><span class="nav-number">5.15.0.7.</span> <span class="nav-text">过滤特定流向的数据包</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#其他参数"><span class="nav-number">5.15.0.8.</span> <span class="nav-text">其他参数</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#wireshark-使用"><span class="nav-number">5.15.1.</span> <span class="nav-text">wireshark 使用</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#过滤器语法"><span class="nav-number">5.15.1.1.</span> <span class="nav-text">过滤器语法</span></a></li></ol></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#wget-文件下载"><span class="nav-number">5.16.</span> <span class="nav-text">wget 文件下载</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#curl"><span class="nav-number">5.17.</span> <span class="nav-text">curl</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#scp-远程拷贝"><span class="nav-number">5.18.</span> <span class="nav-text">scp 远程拷贝</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#文件传输RZ、SZ"><span class="nav-number">5.19.</span> <span class="nav-text">文件传输RZ、SZ</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#mount-磁盘挂载"><span class="nav-number">5.20.</span> <span class="nav-text">mount 磁盘挂载</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#LVM-Logical-volume-Manager-逻辑卷管理相关概念"><span class="nav-number">5.20.1.</span> <span class="nav-text">LVM(Logical volume Manager)逻辑卷管理相关概念</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#time-统计命令执行时间"><span class="nav-number">5.21.</span> <span class="nav-text">time 统计命令执行时间</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#date-系统时间"><span class="nav-number">5.22.</span> <span class="nav-text">date 系统时间</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#修改时间、时区、语言"><span class="nav-number">5.23.</span> <span class="nav-text">修改时间、时区、语言</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#应用"><span class="nav-number">6.</span> <span class="nav-text">应用</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#yum"><span class="nav-number">6.1.</span> <span class="nav-text">yum</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#离线安装"><span class="nav-number">6.1.1.</span> <span class="nav-text">离线安装</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#rpm-软件包管理"><span class="nav-number">6.2.</span> <span class="nav-text">rpm  软件包管理</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#service"><span class="nav-number">6.3.</span> <span class="nav-text">service</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#systemctl"><span class="nav-number">6.4.</span> <span class="nav-text">systemctl</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#init-d"><span class="nav-number">6.5.</span> <span class="nav-text">init.d</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#journalctl"><span class="nav-number">6.6.</span> <span class="nav-text">journalctl</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#export"><span class="nav-number">6.7.</span> <span class="nav-text">export</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#其他"><span class="nav-number">7.</span> <span class="nav-text">其他</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#xargs"><span class="nav-number">7.1.</span> <span class="nav-text">xargs</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#seq-生成连续的数字序列"><span class="nav-number">7.2.</span> <span class="nav-text">seq 生成连续的数字序列</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#crontab-定时任务"><span class="nav-number">7.3.</span> <span class="nav-text">crontab 定时任务</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#nohup"><span class="nav-number">7.4.</span> <span class="nav-text">nohup</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#系统监控"><span class="nav-number">8.</span> <span class="nav-text">系统监控</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#mpstat-cpu监控"><span class="nav-number">8.1.</span> <span class="nav-text">mpstat  - cpu监控</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#vmstat-内存监控"><span class="nav-number">8.2.</span> <span class="nav-text">vmstat 内存监控</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#iostat-IO监控"><span class="nav-number">8.3.</span> <span class="nav-text">iostat IO监控</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#pidstat-进程资源占用监控"><span class="nav-number">8.4.</span> <span class="nav-text">pidstat - 进程资源占用监控</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#查看内存"><span class="nav-number">8.4.1.</span> <span class="nav-text">查看内存</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#查看io"><span class="nav-number">8.4.2.</span> <span class="nav-text">查看io</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#查看上下文切换"><span class="nav-number">8.4.3.</span> <span class="nav-text">查看上下文切换</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#查看线程信息"><span class="nav-number">8.4.4.</span> <span class="nav-text">查看线程信息</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#sar-系统活动报告"><span class="nav-number">8.5.</span> <span class="nav-text">sar - 系统活动报告</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#CPU使用率"><span class="nav-number">8.5.1.</span> <span class="nav-text">CPU使用率</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#内存使用率"><span class="nav-number">8.5.2.</span> <span class="nav-text">内存使用率</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#CPU负载"><span class="nav-number">8.5.3.</span> <span class="nav-text">CPU负载</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#内存页状态"><span class="nav-number">8.5.4.</span> <span class="nav-text">内存页状态</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#swap信息"><span class="nav-number">8.5.5.</span> <span class="nav-text">swap信息</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#IO和传输速率"><span class="nav-number">8.5.6.</span> <span class="nav-text">IO和传输速率</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#块设备信息"><span class="nav-number">8.5.7.</span> <span class="nav-text">块设备信息</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#网卡流量"><span class="nav-number">8.5.8.</span> <span class="nav-text">网卡流量</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#统计网络设备通信失败信息"><span class="nav-number">8.5.9.</span> <span class="nav-text">统计网络设备通信失败信息</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#IP层统计"><span class="nav-number">8.5.10.</span> <span class="nav-text">IP层统计</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#IP层错误统计"><span class="nav-number">8.5.11.</span> <span class="nav-text">IP层错误统计</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#TCP连接信息"><span class="nav-number">8.5.12.</span> <span class="nav-text">TCP连接信息</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#TCP层错误统计"><span class="nav-number">8.5.13.</span> <span class="nav-text">TCP层错误统计</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#socket连接信息"><span class="nav-number">8.5.14.</span> <span class="nav-text">socket连接信息</span></a></li></ol></li><li class="nav-item nav-level-3"><a class="nav-link" href="#pstack-跟踪进程堆栈"><span class="nav-number">8.6.</span> <span class="nav-text">pstack 跟踪进程堆栈</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#strace-跟踪进程的系统调用"><span class="nav-number">8.7.</span> <span class="nav-text">strace 跟踪进程的系统调用</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#free-查询可用内存"><span class="nav-number">8.8.</span> <span class="nav-text">free 查询可用内存</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#fdisk-磁盘列表"><span class="nav-number">8.9.</span> <span class="nav-text">fdisk 磁盘列表</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#df-查询磁盘可用空间"><span class="nav-number">8.10.</span> <span class="nav-text">df  查询磁盘可用空间</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#du-磁盘使用统计"><span class="nav-number">8.11.</span> <span class="nav-text">du 磁盘使用统计</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#iftop-带宽使用监控"><span class="nav-number">8.12.</span> <span class="nav-text">iftop 带宽使用监控</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#mtr-网络测试工具"><span class="nav-number">8.13.</span> <span class="nav-text">mtr 网络测试工具</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#常见可选参数说明"><span class="nav-number">8.13.1.</span> <span class="nav-text">常见可选参数说明</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#返回结果说明"><span class="nav-number">8.13.2.</span> <span class="nav-text">返回结果说明</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#分析链路测试结果"><span class="nav-number">8.13.3.</span> <span class="nav-text">分析链路测试结果</span></a></li></ol></li></ol></li></div>
            

          </div>
        </section>
      <!--/noindex-->
      

      

    </div>
  </aside>


        
      </div>
    </main>

    <footer id="footer" class="footer">
      <div class="footer-inner">
        <div class="copyright">&copy; <span itemprop="copyrightYear">2021</span>
  <span class="with-love" id="animate">
    <i class="fa fa-user"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">Tonny Yi</span>

  

  
</div>


  <script src="https://unpkg.com/mermaid@7.1.2/dist/mermaid.min.js"></script>
  <script>
    if (window.mermaid) {
      mermaid.initialize("");
    }
  </script>





  <div class="powered-by">由 <a class="theme-link" target="_blank" href="https://hexo.io">Hexo</a> 强力驱动</div>



  <span class="post-meta-divider">|</span>



  <div class="theme-info">主题 &mdash; <a class="theme-link" target="_blank" href="https://theme-next.org">NexT.Mist</a></div>




        








        
      </div>
    </footer>

    
      <div class="back-to-top">
        <i class="fa fa-arrow-up"></i>
        
      </div>
    

    

  </div>

  

<script type="text/javascript">
  if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
    window.Promise = null;
  }
</script>


























  
  
    <script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
  

  
  
    <script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
  

  
  
    <script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
  


  


  <script type="text/javascript" src="/js/src/utils.js?v=6.3.0"></script>

  <script type="text/javascript" src="/js/src/motion.js?v=6.3.0"></script>



  
  

  
  <script type="text/javascript" src="/js/src/scrollspy.js?v=6.3.0"></script>
<script type="text/javascript" src="/js/src/post-details.js?v=6.3.0"></script>



  


  <script type="text/javascript" src="/js/src/bootstrap.js?v=6.3.0"></script>



  



	





  





  










  





  

  

  

  

  
  

  

  

  

  

  
  <style>
    .copy-btn {
      display: inline-block;
      padding: 6px 12px;
      font-size: 13px;
      font-weight: 700;
      line-height: 20px;
      color: #333;
      white-space: nowrap;
      vertical-align: middle;
      cursor: pointer;
      background-color: #eee;
      background-image: linear-gradient(#fcfcfc, #eee);
      border: 1px solid #d5d5d5;
      border-radius: 3px;
      user-select: none;
      outline: 0;
    }

    .highlight-wrap .copy-btn {
      transition: opacity .3s ease-in-out;
      opacity: 0;
      padding: 2px 6px;
      position: absolute;
      right: 4px;
      top: 8px;
    }

    .highlight-wrap:hover .copy-btn,
    .highlight-wrap .copy-btn:focus {
      opacity: 1
    }

    .highlight-wrap {
      position: relative;
    }
  </style>
  <script>
    $('.highlight').each(function (i, e) {
      var $wrap = $('<div>').addClass('highlight-wrap')
      $(e).after($wrap)
      $wrap.append($('<button>').addClass('copy-btn').append('复制').on('click', function (e) {
        var code = $(this).parent().find('.code').find('.line').map(function (i, e) {
          return $(e).text()
        }).toArray().join('\n')
        var ta = document.createElement('textarea')
        document.body.appendChild(ta)
        ta.style.position = 'absolute'
        ta.style.top = '0px'
        ta.style.left = '0px'
        ta.value = code
        ta.select()
        ta.focus()
        var result = document.execCommand('copy')
        document.body.removeChild(ta)
        
          if(result)$(this).text('复制成功')
          else $(this).text('复制失败')
        
        $(this).blur()
      })).on('mouseleave', function (e) {
        var $b = $(this).find('.copy-btn')
        setTimeout(function () {
          $b.text('复制')
        }, 300)
      }).append(e)
    })
  </script>


</body>
</html>
